The "inside job" problem is widespread and especially destructive
to enterprises. In 85% of the cases the offender uses a peer's credentials while committing the
offence, and in 90% of those cases they do it while their peer is off the premises.
A special case of the "inside job" is tampering with financial
records, or accessing such records to obtain, for example, insider trading information. Under Section 404 of the
Sarbanes-Oxley Act, such tampering is the responsibility of the enterprise. Executives need to certify and
demonstrate that:
Files containing accounting information have not been compromised.
and
All significant technical controls, including security authorizations and critical configuration files, have not been compromised.
Security logs of conventional access control are not really enough
to protect against unauthorized access. The log records that "John Smith" logged in and accessed confidential
data. Smith is an executive authorized to view that data, so the entry "looks OK." But the time stamp of the
log-in is 8:08 P.M. The real John Smith had gone home at 6:45.
Dynamic Security can help you ensure that vital data have not been
accessed by unauthorized personnel or tampered with in off hours by rogue personnel using pilfered identities.
Dynamic Security is designed to help combat “inside jobs” by
automatically administering location-based and temporal-based security policies. If John Smith
works the day shift, he shouldn't be logging in at 3 AM. Dynamic Security can detect and prevent such suspicious
logins because access rights of individuals can be time dependent.
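The check described above can be illustrated with a short script. This is an added example, not Dynamic Security's own code: it correlates a badge (physical access) log with an authentication log and flags log-ins that fall outside the user's shift or occur after the user has badged out. The user name, shift window, resource name and all log lines are constructed for illustration.

```python
from datetime import datetime, time

# Constructed sample data; the names, times and policy are assumptions.
SHIFTS = {"jsmith": (time(8, 0), time(19, 0))}   # allowed log-in window per user
BADGE_EVENTS = [                                  # physical access log
    ("2024-03-04 07:52", "jsmith", "IN"),
    ("2024-03-04 18:45", "jsmith", "OUT"),
]
AUTH_LOG = [                                      # logical access log
    ("2024-03-04 09:15", "jsmith", "finance-db"),
    ("2024-03-04 18:50", "jsmith", "finance-db"),
    ("2024-03-04 20:08", "jsmith", "finance-db"),
    ("2024-03-05 03:00", "jsmith", "finance-db"),
]

def parse_ts(stamp):
    return datetime.strptime(stamp, "%Y-%m-%d %H:%M")

def on_premises(user, when, badge_events):
    """True if the user's latest badge event at or before `when` is IN."""
    state = "OUT"  # fail closed: no badge record means not on site
    for stamp, who, direction in sorted(badge_events):
        if who == user and parse_ts(stamp) <= when:
            state = direction
    return state == "IN"

def in_shift(user, when, shifts):
    """True if `when` falls inside the user's window (handles overnight shifts)."""
    window = shifts.get(user)
    if window is None:
        return False  # fail closed: no policy means no access
    start, end = window
    now = when.time()
    if start <= end:
        return start <= now <= end
    return now >= start or now <= end

def evaluate(auth_log, badge_events, shifts):
    """Return (timestamp, user, resource, reasons) for each suspicious log-in."""
    findings = []
    for stamp, user, resource in auth_log:
        when, reasons = parse_ts(stamp), []
        if not in_shift(user, when, shifts):
            reasons.append("outside shift")
        if not on_premises(user, when, badge_events):
            reasons.append("badged out")
        if reasons:
            findings.append((stamp, user, resource, reasons))
    return findings

if __name__ == "__main__":
    for finding in evaluate(AUTH_LOG, BADGE_EVENTS, SHIFTS):
        print(finding)
```

The 18:50 entry shows why both checks matter: it falls inside the shift window, so a time-only policy would accept it, but the badge log shows the user had already left.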
Dynamic Security implements temporal-based security
to protect your organization against inside jobs and help you meet regulatory standards.