Solutions against internal threats

STAR helps organizations by providing insight into the workflow of information, to prevent leakage and the intentional/unintentional unauthorized use of sensitive and valuable data and hence preventing high costs due to financial and moral damages.

In organizations such as financial institutions, military units, governmental departments and research institutes, employees of the organization continuously deal with valuable and sensitive data and the risk of information theft or misuse is extremely high. Worldwide statistics show that nearly 85% of data information is due to internal employees. Understandably, with the increase in the number of employees and the increasing growth of the diversity of data sources and software systems, monitoring and preventing leakage or misuse of data becomes ever more difficult. Hence, organizations need effective solutions against internal threats for sensitive data under their authority including knowledgable insight into data available to employee, how they are handled and used throughout the organization.


How does STAR help?

STAR’s solution and strategy against internal threats provides a complete picture of employee interaction in aggregating and analyzing data types related to users using sensitive data in the organization. Suspicious activities of employees in relation to sensitive data are identified through a variety of scenarios that can be defined within the STAR’s user environment and are presented to authorities in the form of alerts. The diverse range of analysis and interrogations in STAR’s application software aids the organization’s experts to analyze and assess suspicious cases from different angles and have a conscious and clever attitude with each other. The user access control mechanisms in the STAR Platform will ensure employee privacy in the process of analysis and investigation.


Aggregation and combination of all data related to the use of data

STAR provides the ability to combine various types of data used in monitoring security information such as logs of people entering and leaving different physical locations of organizations, network equipment logs, email records, VPN usage logs, security alert systems such as DLP, logs of taking information out of the network like printing, employee logs from systems attached to strategic organization resources such as customer information, provides a comprehensive picture of how employees use the organization’s data sources. Subsequently, the field is provided to identify the complex methods used by offenders.


Identify suspicious employee patterns

STARs mechanism in aggregating and integrating data related to the security of data, provides a platform for users to locate violations. Through the graphical user interface of STAR, IT security experts can define complicated scenarios that violate organizational policies in using data, without having to be familiar with queuing languages and aid the platform’s process management capabilities for continuous observation and regulation. Thus, identification of scenarios focus on how to use a type of data source and can assess the overall behavior of each employee in relation to the organization’s data and identify complex compound scenarios.


Interrogation and analysis around generated warnings

STAR provides a flexible and rich application environment for questioning and analyzing identified subjects. Information security inspectors can grasp the nobility and understanding of the various dimensions of the incident by collecting all the data associated with each item discovered and using the possibilities of analyzing and visualizing the information in the provided system and provides enough insight into the different dimensions of the identified incident, the actual offender and th inadvertent or intentional nature of the violation. All the vital requirements of the experts in the interrogation process are given within STARs integrated platform and the lack of the need for continuous relocation between different systems and tools, will increase the speed of the reaction of experts to potential threats as well as minimize possible damage to the organization.