Terry Childs, a network administrator for the city of San Francisco, was jailed July 13 on four felony charges of taking control of the city's computer network and locking administrators out. He eventually gave up the passwords to the Mayor in a secret jail-cell meeting a week later.
Things would have been different if the city had been able to use Lanxoma, software used to authorize and monitor activities of IT administrators, according to Manoj Patel, chief executive of Lanxoma creator Unity Solutions. The product was launched Monday at DemoFall.
The software records everything IT workers do while having privileged access and ensures that they can't do anything without first being authorized. It logs every action they take, including recording their keystrokes.
The insider threat is the biggest of the threats facing corporate and large-scale networks, and IT workers have the most power to do damage because they have access to everything on the network, according to Patel. Enforcement is key, he said, adding that not every IT worker needs free reign of the network.
"It can't stop (the action), but it creates evidence that can be used to prosecute a worker," he said. "Just like a video camera. It doesn't prevent the break-in," but it helps the investigation.
SAN DIEGO--A variety of new enterprise security-related products were presented at DemoFall on Monday, including software for blocking malware and preventing data leaks and insider threats, and a desktop management service.
CoreTrace showed its new Bouncer software, which automatically creates a whitelist of applications that are deemed to be legitimate and blocks applications that aren't on the list and which could contain malware.
New applications are checked against the whitelist and are not allowed to be installed or run when they are not on the list. But it allows approved applications to be added to the whitelist.
Fortressware offers protection against data leaks. It lets companies maintain control over sensitive documents even when the files are shared with outsiders. Companies can use the software to block printing, copying and forwarding of the documents.
Paragent detailed its new Paragent MSP, a remote desktop management service for $8 per computer per year. It allows users to inventory their software and hardware, get alerts, offer a help desk function and track warranties.
Enterprise Informatics presented its new eB for SharePoint, which lets people relate information and assets across a corporation. It is designed to make it easier for corporations using Microsoft Office SharePoint Server to see what data they have and create models and classify the data as well as do centralized site provisioning.
Unity Solutions demonstrated how its Lanxoma records every action of IT workers to counter insider threat at corporations. It is in beta test.
And Usable Security Systems announced software that will enable people to use one secure password to log into multiple accounts online
Usable Security Systems announced here at DemoFall on Monday a new service that will let people use one password on any site on the Web.
Basically, you will only have to remember one codeword for all the sites you log into, once the UsableLogin service launches in early 2009, says Rachna Dhamija, CEO and founder of Usable Security Systems.
The authentication service strengthens the codeword you choose by cryptographically combining it with additional random bits of data. The additional data is different for each site accessed and is dispersed on your PC and on Usable Security servers. That renders the codeword impossible for anyone else to guess but easy for you to remember.
Usable Security doesn't store or save the codeword, and it isn't displayed to Web sites.
The service allows you to view log-in activity across all your accounts through one dashboard. You can personalize your log-in with images you supply or pick from options so that you are assured that you are at the legitimate log-in. The service can be configured so that you can use it on different computers, such as at home and at work, but still remember only the on codeword.
Consumers will be able to download a browser extension that displays a UsableLogin box for free. It works with any site that accepts passwords and works with any operating system or browser.
Web sites will be able to offer the authentication service to their customers, for a fee that has yet to be determined, Dhamija says. The sites will be able to insert a snippet of JavaScript on their sites so the log-in box will be displayed.
In the future, the service will allow browsers to automatically remember the codeword for each session, she says.
On average users have about 25 accounts and users log in about eight times a day, she said in her demo.
Updates with announcement taking place.
- prev
- 1
- next
