Oakley Networks is releasing its government-only security product, SureView, to the wider market.
The information-leakage detection and prevention product offers a new approach to blocking insider threats, the company claims, by working at the application-event level, such as when a file is printed or saved, rather than the network level.
SureView has been sold to government agencies for five years, and consists of a tamper-proof appliance and agents deployed on desktops. It is designed to prevent sensitive or proprietary information leaks through real-time monitoring of users.
Applications covered include e-mail, Web-mail, instant messaging, VoIP programs, browsers, Microsoft Office, as well as information saved on USB storage devices, CDs and DVDs, or data that is printed or encrypted.
Event data fed to SureView is analysed against policies, both pre-defined and set by an enterprise, to flag any violations. For example, if an employee in the finance department normally works Monday through Friday from 9am until 5pm starts printing documents on a Sunday morning, it would likely be a policy violation, Smith says.
If a breach is encountered, SureView sets off alarms; administrators can use the Replay in Context feature that offers a "videolike view" into user activities, including keystrokes, mouse movements, documents opened and websites visited.
SureView's agents also let administrators monitor and analyse data before it is encrypted, or hidden, protecting enterprises from an insider's intent to pass sensitive information outside the company network.
Oakley has decided to enter the commercial market because of the heightened awareness over the past year among enterprises to insider threats. Oakley CEO Derek Smith said: "We think there's really been a mind shift that they need to get out in front of this problem," he says.
There are other ways that enterprises can protect against insider threats, such as tightening the controls around identity management and taking advantage of encryption, says Trent Henry, senior analyst with Burton Group. But, as is often true with security, enterprises may want to layer multiple leakage detection and prevention efforts to improve protection.
"The technology is definitely strong and can be effective; it comes down to how enterprises end up deploying this along with a number of other security protections," Henry said.
SureView starts at $100,000 for 100 users.