The "inside job" problem is widespread and especially destructive
to enterprises. In 85% of the cases the offender uses his or her peer’s credential while committing the
offence, and in 90% of those cases they do it while their peer is off the premises.
A special case of the "inside job" is tampering with financial
records or accessing such records to obtain insider trading information, for example. Under Section 404 of the
Sarbanes Oxley Act, such tampering is the responsibility of the enterprise. Executives need to certify and
Files containing accounting information have not
All significant technical controls, including
security authorizations and critical configuration files have not been compromised.
Security logs of conventional access control are not really enough
to protect against unauthorized access. The log records that "John Smith" logged-in and accessed confidential
data. Smith is an executive authorized to view that data, so the entry "looks OK. But the time stamp of the
log-in is 8:08 P.M. The real John Smith had gone home at 6:45.
Dynamic Security can help you ensure that vital data have not been
accessed by unauthorized personnel or tampered with in off hours by rogue personnel using pilfered identities.
Dynamic Security is designed to help combat “inside jobs” by
automatically administering Location-based and Temporal based security policies. If John Smith
works the day shift, he shouldn't be logging in at 3 AM. Dynamic Security can detect and prevent such suspicious
logins because access rights of individuals can be time dependent.
Dynamic Security implements temporal-based security
to protect your organization against inside jobs and help you meet regulatory standards.