Interesting Tidbits -- and a Bit of Good News -- on the Insider Threat

Carl Weinschenk

Enterprising reporters unearthed two interesting items this week. The Times of in the UK ran a story on a patent application filed in the U.S. by Microsoft for technology that will wirelessly track biometric factors of a company's employees. The story quotes from the application, which says the technology would track:

heart rate, galvanic skin response, EMG, brain signals, respiration rate, body temperature, movement [sic] facial movements, facial expressions and blood pressure."

The technology, of course, wasn't in place to monitor the reaction of the lawyers at the American Civil Liberties Union (ACLU), assuming they saw the piece. That's unfortunate, since Microsoft could have used the readings as a benchmark for testing the software.


In any case, the story says that readings would be used to dispatch managers if warranted. While such testing has been done in exceedingly narrow areas -- such as NASA astronauts and pilots -- it is not in mainstream use. The story doesn't explicitly say so, but there is little doubt that such a system has potential uses to monitor physical and electronic insider threats.


The second item is more directly related to the insider threat. A friend of the News Editor at Search Engine Land pointed to a job posting at Google. The company clearly is beefing up its internal security. The position entails watching for deviations from company policy and other activities that could undermine the company. The post offers five bulleted items from the job's list of responsibilities. Google appears concerned about whether its policies are adequate and if they are being followed. This is a Network World buyer's guide on outbound content monitoring technology. This hardware and software is a mainstay of efforts to staunch insider threats. It's a good site to bookmark because it is updated on a continuing basis. Currently, it offers small capsules on eight products, with links to more extensive information. The current offerings are the CI-1500 and CI-750 Content Inspection Appliances, both from Code Green Networks; the Compliance Commander from Sentry; The GTB Data at Rest Manager, GTB Endpoint Protector and GTB Inspector from GTB Technologies; the Data Loss Prevention Solution from Vericept; and the Content Protection Suite from Websense.


There is, in a round-about fashion, good news about data leakage in this post. The item at Matt Flynn's Identity Management Blog begins by quoting the unattributed but entirely plausible assertions that 70 percent of electronic security breaches start inside the enterprise and that 90 percent of those are from people with elevated access rights, such as database administrators and system administrators. The writer says most attacks are either opportunistic or unintentional.


That's the good news: Malicious attacks are not a huge category. If that's so, the road to a safer enterprise becomes far shorter. Instead of targeting a group of smart computer-savvy people trying to outwit defenders, security forces can focus primarily on a much more benign group who have neither the desire or ability to do major structural damage.


The senior vice president of Identity and Security Management at Novell seems to agree with the assessment that the insider threat is more based on cutting corners and laziness than maliciousness. In assessing what he considers to be the leading security risks of the year ahead, Jim Ebzery said in this Silicon Republic piece that the increase in collaboration, file-sharing and mobility -- accomplished with an ever broader array of laptops, PDAs and similar devices -- leads to greater exposure.

Add Comment      Leave a comment on this blog post

Post a comment





(Maximum characters: 1200). You have 1200 characters left.




Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.