New version can alert authorities to suspicious data downloads such as those in the recent WikiLeaks story concerning classified information compromise
Columbia, MD – Prism Microsystems, a leading provider of comprehensive SIEM solutions for the midsize enterprise today announced the release of EventTracker v7.1 with enhanced features including USB and writeable media monitoring. This technology release is a timely one, as EventTracker, which is notified anytime a USB device or writeable media is inserted, can potentially prevent episodes like the recent WikiLeaks release of 250,000 classified US diplomatic cables caused by a vast internal security breach within a U.S. government facility.
The proliferation of writeable media devices such as USB thumb drives and CD/DVD-W has created security challenges in private networks. As in the WikiLeaks case, much of the more serious theft of organizations’ data today is from internal sources. It takes only a few seconds to utilize these devices to copy confidential data from a desktop. A key feature of EventTracker v7.1
is its ability to monitor removable media allowing organizations to detect and in many cases, prevent confidential data loss and limit purposeful attacks from insiders.
“The WikiLeaks story is one that has resonated at many of our customers. While USB drives and writeable media provide great efficiency, the potential for misuse is high. Very large volumes of data can be copied in seconds. EventTracker has been developed and is continuously upgraded and refined to meet the ever-expanding threatscape that enterprises and government agencies face today,” said A.N. Ananth, CEO at Prism Microsystems.
On servers or workstations the EventTracker Windows Agent is notified anytime a USB device or writeable media is inserted or removed. The EventTracker Agent monitors all file change activities for these devices, including any adds, modifications, deletions or copies that are made. This information as well as the time and date, the drive letter, and the user name are provided to the enterprise, in real time. Based on predefined policy, EventTracker can generate an incident alert to notify IT personnel, launch automatic remediation actions, or block unauthorized USB devices.
“EventTracker operates “behind the scenes” with users unaware of the real-time monitoring that is occurring. This type of intelligence monitoring is now vital to the integrity of an organization’s information and can be of great help in situations like the recent WikiLeaks scenario,” added Ananth.
Additional enhancements to EventTracker v7.1 include a new XML API, and support for Smart Cards (HSPD12).
About Prism Microsystems
Prism Microsystems delivers business critical solutions that transform high-volume cryptic log data into actionable, prioritized intelligence that will fundamentally change your perception of the utility, value and organizational potential inherent in log files. Prism’s leading solutions offer Security Information and Event Management (SIEM), real-time Log Management, and powerful Change and Configuration Management to optimize IT operations, detect and deter costly security breaches, and comply with multiple regulatory mandates.
Visit www.eventtracker.com for more information. Follow us on Twitter @logtalk.