Tax Agencies collect, process and maintain large amounts of sensitive data, typically accessed by thousands of authorized users both internally and externally. These agencies face a growing threat to this information from within. Fraud and information leakage committed by knowledgeable employees who utilize their knowledge of IT systems can cause great damage. Various inside fraudulent activities include manipulating financial transactions, misappropriating assets and selling taxpayers’ private data.
Beyond the fraud challenge, Tax Agencies must comply with laws and regulations that were enacted for protecting taxpayers’ privacy and rights. FISMA (Federal Information Security Management Act) and HIPAA in the US, the EU Data Protection Directive 95/46 and other regulations require government agencies to maintain detailed audit trails of access to sensitive data in their information systems. This requirement is trying, especially for agencies that rely on heterogeneous platforms including legacy systems, as these systems typically do not provide sufficient application access logging.
The Intellinx Cross-Platform Solution for Internal Fraud Detection
Intellinx presents a breakthrough in insider threat detection and prevention. It provides a first-of its- kind cross-platform surveillance system for unparalleled visibility of end-user activity in corporate applications across the enterprise. The Intellinx Solution provides a critical infrastructure for combating internal fraud and information leakage, making authorized users accountable for their actions. Intellinx is the only product on the market today that provides the following:
- Unparalleled Visibility to End-User Activity – Complete visibility into end-user activity is provided with visual replay of every screen and keystroke and client/server message in every application across all major platforms. All actions are visible, including update and read-only actions. All types of end-users are tracked including privileged end-users.
- Complete Audit Trail – Intellinx records full user activity in real time. Regardless of whether appropriate rules are in place at the time of an event, post-event replay enables forensic investigation at a later time.
- Cross Platform Search including Legacy – Intellinx provides a unique solution for tracking user activity across all major platforms including mainframe, iSeries, Web, Client/Server and more. It allows you to search for any specific value displayed on any user screen across multiple platforms from one simple query screen. The Intellinx rules track cross-platform business processes.
- User Behavior Profiling at the Application Level – Intellinx is the only solution on the market that analyzes the user activity at the application screen level. Intellinx rules track all user keystrokes and screens, detecting the relevant business process including each field value accessed or updated. This information is correlated in real-time with the activity of other end-users, with previous activity
Immediately following the rapid installation, Intellinx begins capturing all cross-enterprise user activity, allowing internal auditors to perform thorough investigations with complete visual replay. Security officers can immediately search for all user screens in which specific values appeared during a specific timeframe in any application across any platform in the enterprise, with no need for time-consuming integration with any of the organization’s systems or application-related configurations.
Unique Business Value
Intellinx provides a unique business value to large Tax Agencies around the world:
- Deterring potential fraudulent users through the awareness to the recording of their actions.
- Protection of tax agency reputation from by bad publicity regarding cases of information leakage and identity theft.
- Reduction of Internal Fraud Losses by detecting fraud and other malicious activity in real-time. The Association of Certified Fraud Examiners estimates that typical organizations lose 5% of its revenues to occupational fraud each year, most of it performed by the organization’s employees.
- Compliance with FISMA, and other regulations by generating a detailed cross-platform audit trail of any access to sensitive information including queries without changing a single line of code.
- mproving internal audit effectiveness by alerting on suspicious user behavior and providing full visibility for the internal auditors of all the actions of each specific suspicious end-user, screen by screen.
- Enforce corporate security policies by detecting security breaches and exceptions.