Illegal data access problem solved by behavioural analysis

“A recent Associated Press news report cites the example of a landlord snooping on tenants to discover details of their finances, as well as a woman who accessed her ex-boyfriend’s account after the couple broke up,” says Tier-3 CEO Geoff Sweeney. “Both people worked for a Wisconsin energy utility company and took advantage of their wide-ranging access to people’s data to go snooping,” he explains. But, says Sweeney, just as computers have made it easier for staff to snoop on information, so the same technology can be harnessed to beat them. “It’s difficult to tackle problem head-on, especially if staff doing the snooping are authorised to have access to the database concerned,” he says, pointing out that the staff involved are often authenticated users. “But by introducing behavioural analysis software to the system, it’s possible to flag up any unusual database activity to the audit team concerned. “By automatically comparing each individual data access against a dynamic baseline of previously learned employee behaviour, it’s an easy task to spot staff who are accessing data they shouldn’t, in real time and even catch them in the act.” he explains.