Luminet Fraud and Compliance Software—Business Benefits

The business risks—financial loss, failed audits, regulatory fines, and brand damage—of insider threats  to your corporate data are too devastating to ignore. Here’s how Luminet enterprise fraud and compliance software can help you prevent these threats, including fraud and information leakage, and protect your business:

100% Visibility, So Nothing Gets Missed

Luminet fraud and compliance software captures a complete, real-time, over-the-shoulder view of user activity across multiple data channels, including queries and other read-only transactions that typically do not leave any traces in corporate databases or logs.

As a result, internal auditors and fraud investigators can visually replay user actions screen by screen, keystroke by keystroke, just as if they were looking over the user’s shoulder. Not only can they see everything, but they can also place it into context.

 Luminet records only interactions between employee workstations and your critical business applications running on the corporate servers. It’s definitely not “big brother” spying on your employees.

Pre-Emptive Strikes Eradicate Risk 

 Most solutions address insider threats after the user has already gained access to the target information and is trying to transfer it out of the organization. Network-level solutions work by looking for sensitive data created in outbound messages (e.g., emails and instant messages). Desktop-level solutions look in media created at the desktop (e.g., via printing, writing to USB flash disks, or writing to CDs).

These approaches are highly problematic. Once sensitive data is displayed on a user’s screen, it can be transferred in undetectable ways—e.g., copied down on paper or photographed with a cell phone camera. At this point, it’s already too late.

Luminet fraud and compliance software takes a different approach, working at the application level to address threats before they occur. More specifically, Luminet monitors application usage so that you know exactly when sensitive information is being displayed on the user screen. When applications are monitored pro-actively, the fraudulent behavior that occurs prior to a leak can be detected. The leak can then be prevented at the point of data access—regardless of the strategy for leaking the data.

Real-Time Alerts Trigger Fast Action

Luminet’s powerful analytical engine tracks user behavior in real time, detecting cross-channel patterns and activities. In this way, it can pinpoint suspicious actions—based on business rules and weighted scores that you’ve defined—and generate real-time alerts related to questionable behavior. For example:

• A bank clerk who excessively searches for high- profile customer information, by customer name, much more than other clerks.
• A user who displays 500 customer accounts on a specific day, spending only a few seconds with each account, while on average he accesses only 100 customer accounts per day.

Luminet alerts can be sent to internal auditors, who can use them to zero in on anomalies, eliminate false positives, and facilitate after-the-fact investigations. When Luminet is integrated with an operational system, the alerts can also trigger automatic actions—for example, the initiation of a “suspend user” process in the operational system.

Faster, Easier Audit Prep 

 Your auditors expect precise and detailed information about how the thousands of people across your enterprise are accessing sensitive information on hundreds of applications each day. This often amounts to tens of thousands of screens of data and log entries. They also expect to see this information presented in a format that aligns with their unique regulatory requirements.

Because Luminet records all application use, you can easily access specific audit information at any time. There’s no need to manually extract more or different data from log files—or worse, force your auditor to guess what happened when log files fall short.

You simply refine your rules to generate new charts, graphs, dashboards, and reports on demand. It’s easy to test your level of compliance prior to an external audit, or to adjust reports to meet auditor expectations. You can even use Luminet rules and alerts to demonstrate the controls you’ve established to flag noncompliant behavior in real time.

Paving the Road to Compliance

Luminet sees, records, and analyzes user activity on all enterprise applications—screen by screen, keystroke by keystroke, in real time. The resulting audit trail, along with the business rules you’ve defined to pinpoint suspicious behavior, can help you meet key requirements of these regulations:

• Payment Card Industry Data Security Standard (PCI DSS)
• Fair and Accurate Credit Transactions Act (FACTA) Red Flag Reporting
• Federal Financial Institutions Examination Council (FFIEC) 
• Gramm-Leach-Bliley (GLBA)
• Health Insurance Portability and Accountability Act (HIPAA)
• Sarbanes-Oxley Act (SOX)
• Federal Information Security Management Act (FISMA)
• Personal Information Protection and Electronic Documents Act (PIPEDA)
• Basel II.

Zero Downtime, Zero Risk

Installing Luminet takes just a few hours and there is no impact on system or network performance.

Because you install Luminet on a separate server (running Linus, UNIX, or Windows), there is no need to add or change anything on the host or client. What’s more, Luminet is connected to the network through a mirror port or a tap device. This type of passive, one-way connection to the network ensures that Luminet cannot interfere with network traffic. Luminet can receive data but is unable to send data to the network through this connection.

Learn More About Luminet Enterprise Fraud Management Software

• Luminet Product Overview
• Luminet Product Highlights
• Luminet Technical Specifications
• Fraud Control Center
• Luminet and Your SIEM Solution
• Luminet FAQ
• Enterprise Fraud Management Glossary