Terry Childs, a network administrator for the city of San Francisco, was jailed July 13 on four felony charges of taking control of the city's computer network and locking administrators out. He eventually gave up the passwords to the Mayor in a secret jail-cell meeting a week later.
Things would have been different if the city had been able to use Lanxoma, software used to authorize and monitor activities of IT administrators, according to Manoj Patel, chief executive of Lanxoma creator Unity Solutions. The product was launched Monday at DemoFall.
The software records everything IT workers do while having privileged access and ensures that they can't do anything without first being authorized. It logs every action they take, including recording their keystrokes.
The insider threat is the biggest of the threats facing corporate and large-scale networks, and IT workers have the most power to do damage because they have access to everything on the network, according to Patel. Enforcement is key, he said, adding that not every IT worker needs free reign of the network.
"It can't stop (the action), but it creates evidence that can be used to prosecute a worker," he said. "Just like a video camera. It doesn't prevent the break-in," but it helps the investigation.