A Case for Lanxoma

“A White Paper By Manoj Patel”

Financial institutions have been robbed, commercial organizations defrauded and public records abused - not by users of the data - but by the IT professionals who have root level access to systems and networks. Five years ago 36 percent of respondents to the Pricewaterhouse Coopers security survey reported they had suffered zero security incidents: in 2007 that number was down to 22 percent. Who attacked the rest? Respondents said current or former employees in two-thirds of instances.

For what seems like years now the world’s media has been filled with quotes from security experts and corporate executives worried sick that there was no way to stop the threats from insiders.

Little did they know that since 2006 a small but highly innovative company had taken up the challenge to eradicate this problem at the behest of an enlightened multinational pharmaceutical company.

The resultant product, Lanxoma, has been installed and tested at the pharmaceutical giant and as they say on TV is now ready for prime time.

And the good news for budget conscious executives is that Lanxoma not only eliminates the insider threats but it also is a godsend for auditors wanting to judge an enterprise’s compliance to the plethora of regulation. A third and very important aspect is that Lanxoma is not just a “Big Brother” tool, it can also be used to assist in employee training as it records every action they take.

How does Lanxoma work? First and foremost it allows management to grant access for specific tasks for predetermined periods of time. When the task is completed, the allocated time expires or an unauthorized action occurs, the manager is notified by message, email, instant message or text message. Throughout the activity, the user’s every keystroke, mouse movement and screen view is recorded for possible later playback. It’s the equivalent of CCTV for your system.

The benefit of Lanxoma does not lie just in controlling access and recording evidence. It acts both as a deterrent and a means of proving an employee is not guilty of unauthorized activity.

Lanxoma is platform agnostic and works across networks irrespective of physical location. In comparison to the previous year, 27 percent of respondents to the Deloitte 2007 survey indicated an increase in security breaches in the countries where they have operations.

Huge companies like Hewlett Packard are well aware of the problems. “Ruined reputations, lost productivity, customer dissatisfaction and government probes are just some of what can happen when there is a breakdown in security. Success is dependent on secure infrastructures that safeguard the business continuity of your operations and offer the flexibility to meet changing business requirements. A secure, adaptive infrastructure helps you reduce costs, accelerate the speed of IT change, and deliver higher quality of service to increase business efficiency,” the company said.

Most organizations have verified the validity of information, controlled movement of data and files, ring-fenced applications, fire-walled personal computers, filtered incoming and outgoing Internet traffic, removed disc and memory stick drives, secured the network, installed spyware, implemented data leakage prevention software ... and completely ignored the potential threat of the friends they are obliged to trust. In the domain of the CIO, friends are the managers, analysts, administrators and programmers with privileged access to the very heart of computer-based systems: the ones who are empowered to make changes while “inside” the system.

Even a most junior programmer, given authorization, can add a zero to an annual salary - not at the application level where pre-determined limits are simply set, but by using root access. Inside a manufacturing or distribution company they can arrange for valuable goods to be delivered to an accommodation address. They can change an examination result for a university student for favors or cash... alter a tax band... misappropriate private medical records... insert an insurance payout... create fake invoices for settlement... we used to call it stealing.

Historically, addressing the threat from malcontent or malicious employees (or ex-employees) has been avoided as there has been no means of providing essential access - and knowing what went on while the drawbridge was lowered. In medieval times there was one door to the castle; now no moat is wide enough nor wall high enough to deny access in one way or another.

As indicated earlier, internal and external auditors can, where Lanxoma is installed, economically gain the assurance they seek in respect of best practice, good governance and conformance. Compliance with government regulations continues to play a significant role in security spending decisions. Investment is often justified because the downside of breaches and failure is so great, but while legislation, compliance and governance as well as internal and external audit requirements have driven organizations to improve data management and security, their information security infrastructure is sometimes likened to a medieval fortress, where a moat and thick walls would keep out the enemy, while a drawbridge could be lowered to let in “friends.”

In May 2008 the Daily Telegraph reported: “The cost of regulation affecting the world’s biggest financial firms is likely to almost double by 2010 and was soaring even before the credit crisis, new research indicates. Regulation and compliance expenditure by the world’s leading 100 financial companies is on track to peak at about £50 billion in 2010, says a report by accountancy firm Deloitte. That compares with an estimated expense bill of £28 billion last year - up 30 percent on the previous three years. The 2010 projection excludes any regulation likely to be triggered by the credit crisis. Chris Gentle, associate partner and head of research at Deloitte, said that despite the growing bill, companies were not governing risks properly. The imbalance between risks and controls was a ‘prime feature of the recent losses incurred by major banks’, he said.”

Finally it should be emphasized that benefits of Lanxoma do not stop with controlling access and recording evidence. It acts both as a deterrent - and a means of proving an employee not guilty of unauthorized activity. On that same level, it also functions as a training tool that can be used in review to show IT workers what they did right - or wrong.