Law Enforcement Agencies

Insider Threat

Law Enforcement and Criminal Justice agencies around the world face a growing threat to their information assets from within. Data theft and fraud committed by knowledgeable employees who utilize their access and knowledge of IT systems can cause great damage. Various insider fraudulent activities may include divulging confidential information of ongoing investigations, selling private data of celebrities to external entities, leaking sensitive information on complaints, incidents, arrests, and more. Furthermore, unintentional errors can also cause serious damage.

The Audit Trail Challenge

FISMA (Federal Information Security Management Act), HIPAA and other regulations require government agencies to maintain detailed audit trails of access to sensitive data in their information systems. This requirement is challenging, especially for organizations that rely on heterogeneous platforms including legacy systems as these systems typically do not provide sufficient application access logging. Developing such a mechanism, involves tremendous effort and cost, potentially altering thousands of programs. Mechanisms that track changes to corporate databases are insufficient, as they typically track update transactions but do not capture critical “read-only” access to data. In addition, database monitoring solutions typically lack the ability to capture the actual user who accessed the information, as most applications use generic user IDs when accessing the database

Intellinx – a Proven Solution for Law Enforcement Agencies

Utilized by over 100 organizations worldwide including federal, state and local law enforcement agencies, Intellinx provides a first-of-its-kind cross-platform surveillance system for unparalleled visibility of end-user activity in corporate applications across the enterprise. The Intellinx Solution provides a critical infrastructure for combating enterprise fraud and information leakage, making authorized users accountable for their actions.

Intellinx is the only product on the market today that provides the following:

• Unparalleled Visibility to End-User Activity – Complete visibility into end-user activity is provided with visual replay of every screen and keystroke and client/server message, in every application across all major platforms. All actions are visible, including update and read-only actions. All types of end-users are tracked including privileged end-users.

• Complete Audit Trail – Intellinx records the full user activity 24×7, not just events detected as suspicious in real time. Regardless of whether appropriate rules are in place at the time of an event, post-event replay enables forensic investigation at a later time.

• Cross Platform Search including Legacy – Intellinx provides a unique solution for tracking user activity across all major platforms including mainframe, iSeries, Web, Client/Server and more. It allows you to search for any specific value displayed on any user screen across multiple platforms from one simple query screen. The Intellinx rules track cross-platform business processes.

• User Behavior Profiling at the Application Level – Intellinx is the only solution on the market that analyzes the user activity at the application screen level. Intellinx rules track all user keystrokes and screens, detecting the relevant business process including each field value accessed or updated. This information is correlated in real-time with the activity of other end-users, with previous activity and other types of information generating alerts on suspicious behavior near real-time.

Intellinx Out-of-the-Box

Immediately following the rapid installation, Intellinx begins capturing all cross-enterprise user activity, allowing internal auditors to perform thorough investigations with complete visual replay. Security officers can immediately search for all user screens in which specific values appeared during a specific timeframe in any application across any platform in the enterprise, with no need for time-consuming integration with any systems or application-related configurations.

Unique Business Value

Intellinx provides a unique business value to large government agencies around the world:

  • Improvement in public and officer safety by enhancing overall data access security.
  • Reduction of data theft incidents by detecting suspicious and malicious activity in real-time.
  • Discouraging potential fraudulent users by creating awareness to the recording of their actions.
  • Protecting agency reputation from damage following cases of information leakage and identity theft.
  • Compliance with FISMA, HIPAA and other regulations by generating a detailed cross-platform audit trail of any access to sensitive information.
  • Improved internal audit effectiveness by alerting on suspicious user behavior and providing full visibility for the internal auditors to all the actions of each specific suspicious end-user.
  • Enforcement of corporate security policies by detecting

Learn More