IBM has announced a new security product that it claimed would help users their internal systems from internal attacks.

The Identity Risk and Identification software analyses the activity of users on a network, looking for irregularities that might be a tip-off of unauthorised or improper access.

The component is part of IBM's Identity Management Services, one of its security software offerings. The software is configured to integrate with the company's Tivoli Identity Manager and Tivoli Access Manager, both of which manage passwords and permission to use applications, IBM said.

The new software can compare a user's previous online activity with new activity and plot that use against other peer users, IBM said. It can also do a prospective analysis, providing a heads up for potential misuse, IBM said. Patterns can be plotted in reports, the company said.

IBM said Identity Risk and Identification is a step beyond user IDs, passwords and even biometric or secure cards, since those ID methods confirm user access but can't verify proper use.

A 2005 survey by the US Federal Bureau of Investigation and the Computer Security Institute found that 56 percent of organisations reported internal security breaches, a figure that represents a growing threat to businesses, IBM said.