|
By Laton McCartney
In case you missed it, AlertEnterprise, which focuses on security convergence for physical and logical security, won the RSA Conference 2009 Innovation Sandbox and secured the top spot as Most Innovative Company at the RSA Conference 2009 last month.
"We're bridging the most overlooked gap in enterprise security—the prevention and detection of cross-enterprise threats by linking physical; access and IT security," AlertEnterprise's CEO and founder Jasvir Gill tells CIOZone.
Formerly the CEO and co-founder of Virsa Systems and a principal designer of Virsa's Continuous Compliance Suite, Gill served as the Senior Vice President and General Manager for SAP's Governance, Risk and Compliance business unit following SAP's acquisition of Virsa Systems. He has worked with many of today's largest companies and most recognizable brands to deliver security and controls solutions for ERP risk management and regulatory compliance.
It was in dealing with customer advisory groups at SAP that Gill says he realized the need for software that could integrate IT and physical security across diverse systems, applications, databases and geographically distributed assets. AlertEnterprise, which recently got $8 million in financing from Opus Capital, offers three interrelated software solutions:
AlertAcess which provides rules-driven and policy compliant user access management across the enterprises, analyzing risk across all IT applications, physical systems and networks.
AlertInsight completely automates risk remediation and fundamentally aligns IT and business users by providing actionable and visual analytics. It overlays and integrates data from multiple sources including ERP, IDM, Corporate Directories, HR, and GRC to provide the complete context required to perform on-the-fly remediation. The visual model converts the technical complexity into business-friendly relationships and descriptions.
AlertAction provides geo-spatial monitoring and remediation of cross-enterprise threats, serious acts of sabotage/terrorism, fraud and theft etc. The solution offers capabilities to co-relate seemingly innocent events and activities to detect real threats and risks, while boasting of powerful alerting and automated Remedial Action Strategies (RAS) for decisive action.
As an example of a blended threat that the company's software targets, Gill cites someone who uses legitimate physical access credentials to enter a warehouse and remove valuable goods--and then uses authorized access to an Enterprise Resource Planning (ERP) system to hide the theft by making inventory and accounting adjustments. "We send out an alert regarding the asset movement, the presence of the individual in the warehouse and the entry the individual made in the ERP planning system to conceal the theft," Gill says.
Other examples include someone at a major financial institution downloading customer social security numbers from the server room, a room he never physically entered. The information is sold to scam artists that ultimately create thousands of fraudulent bank accounts.
AlertEnterprise is targeting a number of different industries including financial, chemical, transportation and energy.
Only registered users can write comments.
Please login or register. |
