Insider Risk Management
vs. Insider Threat Surveillance
See Employees as Sources of Intelligence,
Not Subjects of Surveillance
Surveillance of Employee Activities Comes with Legal & Operational Risk
New Normal of Work-From-Anywhere Brings Privacy to the Forefront
There’s one constant in every organization: the human element. These employees, contractors, and partners understandably have concerns about what which activities of theirs are monitored. They have questions about what data may be in scope or out of scope. Lastly, and perhaps the biggest concern, users may wonder how these monitoring systems may be biased against them and intrude on their personal privacy. These are valid concerns.
Insider Risk Management vs. Insider Threat Surveillance
Insider Risk Management
Insider Risk Management views the employee as a source of intelligence rather than a subject of surveillance. It effectively flips a model of invasive monitoring to one that anonymizes user intelligence and collects only the minimum amount of metadata necessary to build a forensic audit trail, with full respect for an employee's fundamental right to privacy. File scanning, Email/Web/Messaging application content capture, keystroke logging, and screen recording are not necessary for effective security with a metadata collection model.
Insider Threat Surveillance
Insider Threat Surveillance technologies have not only employed invasive content inspection, keystroke logging, and video capture capabilities but also often collect more data than necessary for their stated purpose. This creates unnecessary employee privacy issues, as well as significant costs associated with excess data storage and processing.
The Changing Dynamics of Insider Risk & Privacy
Invasive Monitoring Techniques are Unnecessary to Protect Data & IP
As core monitoring techniques include video capture, keystroke logging, and file scanning, it is very difficult for multi-national organizations who license Insider Threat Surveillance tools (example: Proofpoint ITM ObserveIT) to comply with privacy regulations such as GDPR or even get approval from work councils to deploy the technology at a scale beyond a few hundred pre-determined users.
To the contrary, IRM solutions leverage a meta-data approach combined with advanced behavioral analysis to arrive at the same outcomes as the Insider Threat Surveillance solutions without impacting privacy or endpoint performance.
Download EMA’s Insider Risk, Privacy & Compliance Research Brief
You Can’t Prevent What You Can’t See
Scalability & Deployment Must Be Enterprise-wide
Intrusive employee surveillance capabilities (example: Proofpoint ITM ObserveIT) are system resource and network bandwidth intensive by nature, requiring larger than normal processing power from the endpoint device and additional cloud storage.
IRM is the opposite, scalable to hundreds of thousands of endpoints across the entire enterprise using only behavioral meta-data to provide real-time, continuous visibility across an entire, globally distributed enterprise. This approach significantly reduces the amount of data that an organization needs to collect, eliminating the need for intrusive data sources which are unnecessary for improving security.
Download the Insider Threat Surveillance vs. Insider Risk Management e-book
The Power of Dynamic Reporting & Visualizations
Efficient & Clear Evaluation, Response & Remediation
Intrusive employee surveillance tools (example: Proofpoint ITM ObserveIT) present findings as raw evidence in the form of video logs and event logs that must be consumed as part of CSV files which need to be processed using external reporting solutions (e.g. MS Excel).
Next-generation Insider Risk Management solutions provide out-of-the-box automated reports and dashboards containing intuitive and pivotable visualizations that are easy to understand and actionable for the analyst and the incident response manager. Additionally, CISO/CSO reports can be easily shared with business stakeholders for consistent risk posture evaluation and improvement strategies.
Download the DTEX InTERCEPT Solution Brief to learn more.
The latest on Workforce Cyber Intelligence
The Evolving Dynamics of Insider Risk, Privacy, and Compliance, EMA Research Brief
The Work-from-anywhere environment is here to stay and organizations must adapt to the new security challenges of this work dynamic.
Read More
Accelerate Security Operations with Contextual Human Intelligence & Endpoint Telemetry
Splunk and DTEX Systems have partnered to offer a first-of-its-kind Workforce Cyber Intelligence & Security solution that delivers the contextual…
Read More
Insider Threat Platform Buyers Guide
How to measure and evaluate the complex landscape of insider threat solutions and build an effective insider threat program…
Read More
DTEX Case Study: Williams Racing
View this case study to learn how Williams Racing has applied Workforce Cyber Intelligence to keep its employees, equipment and…
Read More
How DTEX’s Data Pseudonymization Techniques Protect Employee Privacy
Making an effort to balance privacy and security is vital for organizations who want to thrive in the new normal.
Read More