Formula 1 has long boasted the fastest road-course automobiles in the world and, with that distinction, comes a highly competitive atmosphere between rival manufacturers. Race day is an intense mixture of anxiety, hard work, planning and precision that can all go awry with the smallest degree of error.
But as new technology and designs arise, the only kind of speed that intimidates F1 manufacturers comes from the innovation cycle. Designs for the next generation of cutting-edge F1 racers are locked down more than the Crown Jewels, a difficult task considering the collaborative work environments and 24/7 global design cycle that has been adopted today. Security is pivotal, as even the best teams and drivers can face defeat if their winning formula is compromised.
In order to have a sense of security, teams need full visibility into what end-points and information employees are using and accessing in their workflow. Speed is key in all aspects of the F1 industry, but protection of intellectual property is now also taking centre stage. The 2007 F1 alleged espionage controversy, known as Spygate, was a sore spot for the sport and, to avoid reliving such incidents, F1 teams across the board have taken steps to protect their invaluable data on and off the track.
Teams have set up shops that concentrate on secrecy. Projects are isolated and engineers cordoned off to work in total privacy. External hackers naturally pose a danger but, if history is any indicator, teams must also rule out a more subtle liability: insider threats. It’s much easier for a well-connected member of staff to pass on sensitive information than many organisations realise.
In light of this, like all F1 teams, Williams is now protecting against security threats by turning to security companies such as Dtex Systems, a company that provides a comprehensive view across their entire network. F1 races can be won or lost on details, including materials used, fuelling times and chassis build, and not having control over these details could mean the end to a potentially successful season.
HOW TO DEFEND
The idea of staff posing a threat isn’t a pleasant one, but businesses need to take it seriously. A recent study by Vormetric revealed 89 per cent of companies believe they are at risk from an insider threat and 55 per cent say their biggest threat is privileged users. One in three felt extremely vulnerable.
Counteracting the danger is not easy. Staff can be locked out of sensitive zones, but this is no guarantee. When Edward Snowden breached security at the US National Security Agency, he used two dozen borrowed passwords to gain access to files beyond his official authorisation. Besides, staff may be legitimately working on the data.
The Dtex solution allows employees to work unimpeded, but sound the alarm when anything suspicious is noted within the network. It works by observing user activity through micro-agents installed at the end-points, while refraining from gathering personal data from end-users. Through Dtex, Williams can keep an eye on the programs being used and the data being accessed and transferred across the company, and do so in a way that adheres to the strictest privacy laws. Algorithms then analyse actions for potentially threatening or risky behaviour.
For example, if a staff member does something out of the ordinary, such as transferring design data to a removable USB drive, copying folders or straying into areas of the IT system where they do not usually venture, Dtex will flag the incident for review. The algorithms are highly sophisticated; they create a baseline of user behaviour and can report on sudden changes in behaviour as well as more subtle behaviour changes over time, such as a user deciding to leave the organisation.
Our software provides a simple way for companies to monitor and react to potential breaches by employees the moment the threat emerges
The Dtex package comes pre-loaded with more than 330 behavioural events that can trigger an alert. Dtex managing director for Europe, the Middle East and Africa, Michael Cloete, says: “Our software provides a simple way for companies to monitor and react to potential breaches by employees the moment the threat emerges. Unlike traditional methods, our algorithms provide a way to detect irregular events, such as staff accessing rare data or frequently returning to highly sensitive materials.” Tracking user behaviour has a string of additional benefits.
Since Dtex compiles statistics on program usage, the solution can be used to determine whether software licences are being used to the full. One customer saved hundreds of thousands of pounds by using Dtex to audit software usage, resulting in a large number of redundant licences being terminated.
The ability to monitor and understand employee behaviour better has an obvious application for the financial services industry, where firms are feeling increasing pressure to spot unethical behaviour before it becomes a serious concern. Dtex gives compliance officers a powerful way to monitor the behaviour of thousands of staff at once, using an intuitive interface.
AGE OF ALGORITHMS
The technology at work is surprisingly mature. Dtex Systems was founded in 2000 to develop security for the Australian government. Now headquartered in San Jose, California, the firm raised $15 million to cope with rising demand for its services. Mr Cloete explains: “We are helping global firms understand the need to take action against insider threats and recognise that algorithm-based systems are much more accurate in defending against behaviours which are extremely hard to detect.”
In Europe, Dtex has adapted to the rigorous EU privacy compliance laws. Since Dtex anonymises user data, IT security will see suspicious behaviour tied to “User 17” rather than John Smith. Only when a breach is believed to have occurred can a request for identification be processed. The solution only collects metadata – no keystroke logging or screenshots – to add an additional layer of user privacy.
Ease of implementation has been key to adoption. Dtex is quick to deploy and is so lightweight that there is no noticeable impact on the user end-point and network. Threats can be assessed using a chart-based graphical user interface, which IT administrators can learn quickly without any prior technical knowledge.
“Companies need to take insider threats seriously,” says Mr Cloete. “With the right tools they can be sure they are protected against the most sophisticated dangers.”
For Williams, the adoption of Dtex means it can work with partners knowing it is doing all it can to safeguard data.
Want to learn more about understanding employee behaviour and mitigate the insider threat? Visit dtexsystems.com