Open Menu Close Menu

PortAuthority: Attacking the Inside-Job

Do you know where your campus security breaches are? Most IT professionals who deal with security spend their time and budgets preventing intrusion from the outside: viruses, worms, hackers, and thieves. By some estimates, more than 85 percent of security spending is devoted to resisting outside attacks. In fact, it is more than likely that some of the security violations are coming from inside, through the deliberate or inadvertent release of vital information to unauthorized sources.

Campuses have much to protect: student records, intellectual property, personnel information, and more. It is easy to imagine scenarios where data could be revealed—accidentally or on purpose—to the wrong parties. How can an academic institution keep this vital data inside its walls?

One approach would be to install a product called PortAuthority from Beverly Hills-based Vidius. PortAuthority is a software solution that relies on “electronic fingerprinting” technology to detect and quarantine any internal or outbound security breach. The software analyzes outbound communication, examining how the actual information is constructed within a given document or message, and then assesses the information for a violation, using over two dozen sophisticated algorithms. According to Kevin Moylan, vice president of product marketing for Vidius, PortAuthority is the only product of its kind. “Without a doubt,” says Moylan, “we can positively identify particular portions of confidential information either in whole or in part. We provide the ability to identify it, to quarantine it, and to notify the appropriate parties about the breach. All of this occurs in real time.”

Vidius describes PortAuthority as far more reliable than key word filtering (which can generate a lot of false positives) and encryption (depending on user discretion and works only at the file level, not the information level).

No client-side encryption or viewing software is necessary with PortAuthority. The software protects entire data sets or documents as well as portions or bits of data, including any that have been modified, cut, copied, and pasted into other files or messages. PortAuthority blocks the outgoing message, preventing it from being distributed either internally or externally, and the system administrator receives instant notification.

Vidius’s Web site statistics (from Richard Hunter of Gartner), that “more than 70 percent of unauthorized access to information systems are committed by employees, as are more than 95 percent of intrusions that result in significant financial losses.” This statistic, of course, d'es not necessarily include academic scenarios. No data is available on the amount of unauthorized outgoing e-mail on campus. However, colleges and universities are in a unique, and uniquely vulnerable position, in that hundreds or thousands of new users come onto the system each year. Plus, academia’s commitment to free speech and the free dissemination of ideas make it even more difficult to exert control over data.

PortAuthority is configurable to meet the needs of particular campuses. Administrators can designate which directory to monitor. Only designated information is inspected. A block override function assigns specific personnel as “power users,” granting them the ability to release blocked messages. A comprehensive reporting feature tracks repeat offenders and policy violations. It also analyzes threats to determine whether they are probably accidental or intentional. And its broad file support feature supports over 250 native file formats, including Word, Excel, and other common formats. The software is scalable and permits clustered server environments.

For more information about PortAuthority, contact Vidius, Beverly Hills, CA; (310) 888-2330;

comments powered by Disqus