The Snowden Effect: Why seeing is believing

Chris PaceProduct Marketing, Wallix@achrispace

How significant is the risk to data from an insider in your business?

• 88% of organisations recognise the threat but only 40% have budget to address it.

• CERT holds details of over 800 recorded insider incidents.

• Fewer than 6% of intellectual property thefts were detected by software

What could you have spotted?

• A contractor with elevated privileges.

• Socially engineered co-workers to gain credentials.

• Stored over 20,000 documents in a cache on the NSA intranet before removing.

Is data the answer?

Why not combine data with visibility?

Audit and compliance

How Wallix helps:

• Risk prevention is based on traceability of users access to servers and their actions• All of these actions are collected centrally as logs and videos which can be made

available to auditors• See activity by particular users or on particular servers to identify unusual behaviour• Full visibility of all of this data in the event of a breach or other security incident

Monitoring and traceability

How Wallix helps:• User activity can be constantly monitored in realtime alerting a manager or denying

access if particular actions are attempted• Goes beyond event logging by tracing every single mouse click and keyboard stroke

using system log information and optical character recognition• Command line sessions like SSH as well as UI sessions on Windows servers are can

all be recorded• Recorded sessions can be viewed as text or recorded as videos which can be viewed

and downloaded instantly

Just the facts

• Appliance, virtualised or in the cloud• Simple configuration• No agent to install• Active directory integration