headermask image

Data Triage Blog

generique levitra comprar cialis generico cialis tunisie acheter cialis generique viagra offerte kamagra receptfritt levitra hinta generique cialis pfizer viagra 100mg preis viagra på apoteket
  • kamagra si trova farmacia cialis naturale viagra rezeptfrei levitra generico precio viagra recept cialis 5 mg prezzo cialis senza ricetta propecia commande cialis pas cher à paris kamagra wo kaufen
  • four part series on electronic data discovery Tools & Your Enterprises

    Here is a four part series i found on the internet about Electronic data Discovery (EDD) TOOLS.

    Michael Osborne has been getting a lot of vendor calls lately pitching a new breed of products, typically called electronic data discovery (EDD) tools. These tools promise to investigate historical data to uncover security breaches, compliance failures and plain old errors in transactions across various enterprise systems, from network administration to accounting. Driven by compliance requirements such as Sarbanes-Oxley and the Health Insurance Portability and Accountability Act, these tools focus on user activities, such as who accessed a database or updated a customer account.

    The goal is to look at both real-time and historic patterns across multiple databases, networks and applications to find suspicious activities that might indicate insider financial fraud, customer identity theft, compliance policy breaches or theft of proprietary data such as customer contacts or product designs. As the senior security manager at Kimberly-Clark, which makes health and hygiene products, Osborne is interested in ways to prevent supplier or insider fraud, such as detecting sham providers used to steal or launder money. In other organizations, electronic data discovery tools might be used to detect identity theft or violations of information-access policies.

    Osborne is not alone in getting these pitches, say analysts and consultants, who warn that CIOs should be cautious. “There’s a lot of vaporware out there,” says Avivah Litan, a security research director at Gartner. “You’re seeing vendors build an industry around scare tactics over compliance and security.”

    That’s not to say there aren’t useful technologies available. For example, Osborne is evaluating a tool from Oversight Systems that analyzes accounting information from SAP and other financial systems to detect fraud and errors both in current transactions and in past transactions stored in the SAP system. He’s recommended that Kimberly-Clark seriously consider adopting the technology.

    At online shopping service provider 2Checkout.com, Tom Denman, the director of risk management, has adopted 41st Parameter’s analysis tools to detect fraud in the shopping and financial transactions that his service handles for online stores. 2Checkout used to rely on real-time security event monitoring tools but found they couldn’t do as thorough an analysis in real-time. Denman now batches customer transactions and uses 41st Parameter tools to analyze them against previous transactions and various fraud patterns, to detect stolen credit cards and the like (one fraud pattern might be the use of a credit card number for online purchases the same day in several countries). Suspect transactions get flagged for human review, prioritized by risk level.

    The use of historical data correlated across multiple systems and a focus on user activity is what distinguishes electronic data discovery from real-time security event monitoring (SEM) tools, which typically are used to monitor network activity for intrusions and viruses. electronic data discovery provides more context in which to find fraud or uncover breaches. “The tools can serve the understand-and-prevent function,” says Keith Schwalm, vice president of Good Harbor Consulting, a security advisory firm. electronic data discovery tools can work as an adjunct to SEM tools, or provide both functions, notes Amrit Williams, a security research director at Gartner. The vendor trend is to merge the two functions into a suite, he adds.


    If you liked my post, feel free to subscribe to my rss feeds

    Post a Comment

    You must be logged in to post a comment.

    More in Computer Forensics, Data Recovery, Electronic Discovery, Informative, Litigation Support, Uncategorized (75 of 105 articles)

    There are a number of reasons that electronic discovery continues to make news, attorneys and paralegals are demanding standards to govern electronic discovery, and courts around the country are considering (some are already implementing) local rules to change how ...