Monitoring software adds ability to send alerts

Organizations with very sensitive data don’t merely have tough network security gear; they may also go so far as recording every keystroke employees enter and monitoring for suspicious activity.

One supplier is Boston-based ObserveIT, which on Monday released version 5.7 that now includes the ability to send email alerts to responsible IT staff for investigation.

Until now ObserveIT has been used for investigation and forensics after suspicious or actual malicious activity has been detected, Dimitri Vlachos, the company’s vice-president of marketing, said in an interview.

“Now it’s not just reacting to what happened; with analytics and alerting we can notify security teams right away.”

The alert includes a hyperlink to a video recording a person’s keystrokes as well as to a searchable log of recent user activity.

Canadian customers include Avaya Canada. The company said a Canadian bank, a telco and a utility are also customers, but they can’t be named.

Other end user monitoring software (sometimes called privileged identity management) companies in this market include SpectorSoft’s Spector 360 Recon, BalaBit, BeyondTrust, CA Technologies’ Centrify, Aternity, Knoa Software, Nexthink, NetWrix User Activity Video Reporter, InterGuard and CyberArk. These and other solutions can be set to monitor only privileged accounts that have access to sensitive data or more broader monitoring.

Also new in version 5.7 is

— native integration of ObserveIT data into Hewlett-Packard’s ArcSight security information event management suite;

–new data recording policy for Unix/Linux systems,  giving administrators greater control of how much data is recorded during user sessions, and how much memory is used;

— support for user activity monitoring on 64-bit Debian 6 and Debian 7 machines.

ObserveIT lets administrators search activity logs for when an individual signed into a system, what was happening on a particular PC, server or application – viewing sensitive information, changing a user privilege, installing new software, changing configuration files. Administrators can act in a number of ways, including kicking the user off the network.

Vlachos said agent-based ObserveIT only takes up to a two-per cent hit on system performance.

The solution, sold direct from the company, is priced by the agent. There are agents for desktops, servers, Citrix and others.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now