Analyze and Act

Image

Visualize Risk of Your Data to Prevent Insider Threats

Fasoo RiskView is a tool for security administrators that monitor activity related to unstructured data and user activities with confidential data. It gathers information from Fasoo Usage Tracer (the log analysis utility for Fasoo Enterprise DRM ) and Fasoo eData Manager. It has APIs that can be configured to import log data from other security technology components, including firewalls, DLP, databases, and even physical security systems (e.g., entry/exit data from keycard or biometric systems) and employee attendance records.

Fasoo RiskView includes a decision making framework that security administrators as well as business managers can use to review suspicious activities and after relevant investigations, in order to decide whether or not to take action to address these concerns with potential insider threats.

Fasoo RiskView applies sophisticated rule-based modeling to the data sources mentioned above, to establish normal patterns of behavior and flag suspicious activities that indicate enough risk to merit concern and potential intervention by business management.

The types of activities that Fasoo RiskView tracks include:

  • Event anomalies, such as logins with user IDs of former employees, a given user logging in from multiple locations simultaneously, or unauthorized users retaining an excessive numbers of files containing sensitive data.
  • File based risks, such as unauthorized users’ attempts to decrypt classified files.
  • User based risks, such as users decrypting files more frequently than usual, printing more files than usual after regular business hours, or sending files to external recipients more than usual.


Image

Upgrade Your Data Security Policy through Intelligent Log Analysis


Setting up a perfect data security policy is almost impossible. This is why exceptional policies are so often adopted to balance productivity against security in any sort of policy enforcement settings. There is only one way to address this issue which is by having a flexible security policy management framework, where security policies can be continuously assessed and optimized through feedback from a comprehensive data usage log analysis.

Fasoo Usage Tracer centrally monitors usage logs for all Fasoo-protected documents

Fasoo Usage Tracer provides a centralized location for organizations to monitor, assess and optimize data security policies enforced by Fasoo Enterprise DRM, a suite of persistent data protection and control solutions, through usage log analysis.

Image
Image

Organizations that have multiple Fasoo data-centric solutions in place can collect and analyze all data usage logs from those solutions in a centralized location on a real time basis. Usage logs include user information, access rights, IP address, security classification, file name, time and date. Not only will this be the one stop location to manage all data/user activity logs but will also offer a more convenient management experience.

Pattern-based usage monitoring allows security administrators to enforce a set of rules to detect and monitor unusual file usage behaviors of targeted users and groups. Administrators can opt to get notifications whenever any violations of the rules are detected.

This solution provides the ratios of provisional license issuing logs to the total licenses issuing logs and compares them between groups and against industry benchmarks. For example, the ratio of individual user groups helps determine which groups need more privileges or abuse provisional or exceptional licenses. The log analysis helps security administrators assess the efficiency and effectiveness of existing security policies. The solution offers organizations with a decision making tool to proactively optimize data-security policies against data security challenges.