<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>Insider Fraud Spotlight &#187; Continuous Monitoring</title>
	<atom:link href="http://www.attachmate.com/blogs/insider-fraud-spotlight/index.php/tag/continuous-monitoring/feed/" rel="self" type="application/rss+xml" />
	<link>http://www.attachmate.com/blogs/insider-fraud-spotlight</link>
	<description>Attachmate Luminet</description>
	<lastBuildDate>Mon, 05 Aug 2013 19:58:53 +0000</lastBuildDate>
	<language>en</language>
	<sy:updatePeriod>hourly</sy:updatePeriod>
	<sy:updateFrequency>1</sy:updateFrequency>
	<generator>http://wordpress.org/?v=3.3.2</generator>
		<item>
		<title>Reasons Why Corporate Compliance is Good for Business</title>
		<link>http://www.attachmate.com/blogs/insider-fraud-spotlight/index.php/uncategorized/why-companies-ignore-fraud-prevention-failures/</link>
		<comments>http://www.attachmate.com/blogs/insider-fraud-spotlight/index.php/uncategorized/why-companies-ignore-fraud-prevention-failures/#comments</comments>
		<pubDate>Thu, 20 Jun 2013 14:10:17 +0000</pubDate>
		<dc:creator>Christine Meyers</dc:creator>
				<category><![CDATA[Uncategorized]]></category>
		<category><![CDATA[audit]]></category>
		<category><![CDATA[compliance]]></category>
		<category><![CDATA[Continuous Monitoring]]></category>
		<category><![CDATA[HIPAA]]></category>
		<category><![CDATA[hitech]]></category>
		<category><![CDATA[omnibus]]></category>
		<category><![CDATA[pci dss]]></category>

		<guid isPermaLink="false">http://www.attachmate.com/blogs/insider-fraud-spotlight/?p=250</guid>
		<description><![CDATA[Collecting data and preparing reports for an auditor can seem burdensome and confusing. With so many regulations in place, the paperwork never seems to end. But the regulatory process is actually good for your business. After all, regulations were put in place by industry groups and government agencies to protect the public and shareholder interests. [...]]]></description>
			<content:encoded><![CDATA[<p></p><p>Collecting data and preparing reports for an auditor can seem burdensome and confusing. With so many regulations in place, the paperwork never seems to end.<br />
But the regulatory process is actually good for your business. After all, regulations were put in place by industry groups and government agencies to protect the public and shareholder interests. Those protections have benefits for your organization:<br />
•	The public, aka your customers, will trust you to continually guard their confidential and financial information. These relationships are the heart and soul of your business.<br />
•	A compliance system reduces your risk. It protects you from the people who can access your sensitive information and operations in the course of doing business every day—your employees, consultants and partners.<br />
•	It safeguards your reputation by preventing security breaches that play out in the public’s eye.<br />
•	The process of meeting reporting requirements can present an opportunity for streamlining disparate business systems for collecting and reporting data.<br />
The ABC’s of Corporate Compliance<br />
You most likely need to comply with multiple regulations, but the good news is that all of them require the same basic data:  a complete and accurate trail of user access to confidential information.<br />
With Attachmate Luminet fraud management software, you can do that and much more. It enables you to track all user activity on an application-by-application basis, then store that information in a secure repository, allowing you to analyze and detect violations, and to efficiently generate specific reports for various regulatory bodies.  Here are the details.<br />
Observe and Capture Data of User Activity Across an Enterprise Network<br />
Fraudulent behavior typically takes multiple steps and involves several applications. Capturing this data on an enterprise network is tricky. Every large organization has a mix of legacy and new applications and databases. For example, a user might access a sophisticated CRM database to update a user account, then share related information on an intranet via an ancient web-based app. Tracking all user activity in these conditions requires pulling log data (if an application even creates it) from numerous applications; then the data must be correlated with user authentications and behaviors, which is a mind-boggling task.<br />
Luminet erases the need to piece together data from multiple applications and databases. It captures data from user activity on an application level in real time, which allows fraud investigators to visually replay user actions, screen-by-screen and keystroke-by-keystroke. </p>
<p>Analyzing Data to Detect Fraud<br />
Luminet stores user-activity data in a secure, digitally signed repository. Its powerful analytics engine lets you search its store of current or recorded activity to identify suspicious behavior based on business rules that you define. When Luminet uncovers potentially fraudulent activity, it generates an alert to warn you to immediately evaluate the behavior. </p>
<p>Generating Reports for Auditors<br />
Two aspects of an audit are guaranteed. First, you won’t know the exact format a report will take until the auditors ask for it. Second, you do know that auditors will expect comprehensive, detailed information on how thousands of employees access sensitive customer information.<br />
Since Luminet stores data from user activity on an application basis, you can easily provide auditors with the specific information they need.  And, if an auditor asks for a different view into the data, there’s no need to pull more data from disparate application log files. You adjust your business rules and let Luminet’s reporting capabilities generate new charts, graphs, dashboards, and reports.<br />
Creating a Culture of Integrity and Transparency<br />
Instituting a corporate compliance program sends the message that you care about protecting your customers’ personal information. With Luminet fraud software, you can ensure all data stays private and your business realizes the benefits from putting a process in place. Luminet will help you better manage the risk of exposing sensitive data; streamline systems and operations; and help compliance personnel be more efficient.<br />
Yes, regulatory compliance takes work. But we believe the pain is mitigated by gain.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.attachmate.com/blogs/insider-fraud-spotlight/index.php/uncategorized/why-companies-ignore-fraud-prevention-failures/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Fraud in Government: New PWC Study Says It’s Getting Worse</title>
		<link>http://www.attachmate.com/blogs/insider-fraud-spotlight/index.php/government/fraud-in-government-new-pwc-study-says-its-getting-worse/</link>
		<comments>http://www.attachmate.com/blogs/insider-fraud-spotlight/index.php/government/fraud-in-government-new-pwc-study-says-its-getting-worse/#comments</comments>
		<pubDate>Thu, 17 May 2012 16:24:14 +0000</pubDate>
		<dc:creator>Christine Meyers</dc:creator>
				<category><![CDATA[Government Fraud]]></category>
		<category><![CDATA[Insider Threat]]></category>
		<category><![CDATA[challenges]]></category>
		<category><![CDATA[Continuous Monitoring]]></category>
		<category><![CDATA[insider fraud]]></category>
		<category><![CDATA[threats]]></category>
		<category><![CDATA[US Government]]></category>

		<guid isPermaLink="false">http://www.attachmate.com/blogs/insider-fraud-spotlight/?p=155</guid>
		<description><![CDATA[Government agencies around the globe are at risk from within. Just as in the private sector, more error and misuse occurs from internal employees and partners and suppliers than from anyone else. A recent study from Price Waterhouse Coopers indicates that the problem may be getting worse. According to the consultancy’s latest Global Economic Crime [...]]]></description>
			<content:encoded><![CDATA[<p></p><p>Government agencies around the globe are at risk from within. Just as in the private sector, more error and misuse occurs from internal employees and partners and suppliers than from anyone else.  A recent study from Price Waterhouse Coopers indicates that the problem may be getting worse. According to the consultancy’s latest Global Economic Crime Survey, nearly half of organizations in the public sector have been hit by economic crime in the past 12 months. Cyber crime, employee and supplier fraud in particular are on the rise. The survey also found 46 per cent of respondents had experienced one or more incidents of such crime in the past year.  That’s quite a jump from 37 percent in 2009 and considerably higher than the average of 34 per cent across all sectors.<br />
Some of the other key findings from the survey are equally alarming:<br />
•	More than two-thirds of the crimes experienced in the past 12 months were committed by public sector employees, compared with just over half in 2009.<br />
•	Supplier fraud jumped from 13 per cent to 32 per cent over the same period.<br />
•	Over 50% of those surveyed said they had the resources to detect cyber crime, but most lack the forensic capabilities needed to investigate such incidents.<br />
Source: 2011 Global Economic Crime Survey, PWC: http://www.pwc.com/en_GX/gx/economic-crime-survey/assets/GECS_GLOBAL_REPORT.pdf<br />
Further, the study links this rise in activity to the cuts in public sector spending—a trend that is likely to continue and deepen if the current economic reality remains unchanged.<br />
Government agencies are clearly struggling to address internal fraud. Their efforts are complicated by shifting compliance requirements, impaired visibility into user activity, legacy systems that house mission-critical processes, and the limited effectiveness of existing controls and traditional logging capabilities. </p>
]]></content:encoded>
			<wfw:commentRss>http://www.attachmate.com/blogs/insider-fraud-spotlight/index.php/government/fraud-in-government-new-pwc-study-says-its-getting-worse/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Major security breaches hit healthcare</title>
		<link>http://www.attachmate.com/blogs/insider-fraud-spotlight/index.php/healthcare/major-security-breaches-hit-healthcare/</link>
		<comments>http://www.attachmate.com/blogs/insider-fraud-spotlight/index.php/healthcare/major-security-breaches-hit-healthcare/#comments</comments>
		<pubDate>Tue, 01 May 2012 23:28:38 +0000</pubDate>
		<dc:creator>Christine Meyers</dc:creator>
				<category><![CDATA[Healthcare Fraud]]></category>
		<category><![CDATA[Insider Threat]]></category>
		<category><![CDATA[Continuous Monitoring]]></category>
		<category><![CDATA[HIPAA]]></category>
		<category><![CDATA[PII]]></category>
		<category><![CDATA[risk]]></category>
		<category><![CDATA[threats]]></category>

		<guid isPermaLink="false">http://www.attachmate.com/blogs/insider-fraud-spotlight/?p=143</guid>
		<description><![CDATA[The statistics are startling: In April 2012 alone, three major security breaches that hit the Utah Department of Health (UDH), Emory Healthcare and South Carolina’s Department of Health and Human Services accounted for nearly 1.1 million records lost. And it was the work of insiders. According to an article entitled “Healthcare Unable to Keep Up [...]]]></description>
			<content:encoded><![CDATA[<p></p><p>The statistics are startling: In April 2012 alone, three major security breaches that hit the Utah Department of Health (UDH), Emory Healthcare and South Carolina’s Department of Health and Human Services accounted for nearly 1.1 million records lost.  </p>
<p>And it was the work of insiders.</p>
<p>According to an article entitled “Healthcare Unable to Keep Up with Insider Threats” by Ericka Chickowski on the Dark Reading website, the three incidents are typical of “the types of consequences healthcare organizations face when they fail to address insider threats through improved employee screening, monitoring, data controls, and security awareness training.”</p>
<p>These insider threats were and are potentially malicious and at the very least inept. In the case of the UDH, records were exposed due to the misconfiguration of a server containing the files. At Emory, human error accounted for the loss of a significant number of patient records when 10 backup disks went missing. In South Carolina, a DHHS employee (who has since been fired and arrested) sent thousands of Medicaid patient records to himself in an email.</p>
<p>The healthcare industry, by and large, “has been notoriously incapable of pinpointing risks in general, let alone those from insiders,” the article offers. Sourcing the problem is difficult because these security holes include loss or theft of portable devices such as laptops, smartphones, external drives and backup tapes; actual theft by data thieves; and simple staff ignorance in terms of security, protocol and training.</p>
<p>With solutions available today, those institutions could easily tell the difference between intentional and non-intentional privacy violations, achieve full regulatory compliance, and pass any audit with real-time user activity log files. As the “insider threat” continues to grow right along with the healthcare industry, major steps will need to be taken to stanch the flow of lost and misappropriated records that can and will lead to increased fraud and identity theft. The time to act is now. </p>
<p>To learn more about Attachmate’s Luminet enterprise fraud management software please visit http://www.attachmate.com/Products/efm/luminet/luminet.htm.</p>
]]></content:encoded>
			<wfw:commentRss>http://www.attachmate.com/blogs/insider-fraud-spotlight/index.php/healthcare/major-security-breaches-hit-healthcare/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
		<item>
		<title>Proposed NIST Guidelines Call for Continuous Monitoring to Control Risk</title>
		<link>http://www.attachmate.com/blogs/insider-fraud-spotlight/index.php/enterprise-fraud-2/proposed-nist-guidelines-call-for-continuous-monitoring-to-control-risk/</link>
		<comments>http://www.attachmate.com/blogs/insider-fraud-spotlight/index.php/enterprise-fraud-2/proposed-nist-guidelines-call-for-continuous-monitoring-to-control-risk/#comments</comments>
		<pubDate>Thu, 02 Feb 2012 22:54:57 +0000</pubDate>
		<dc:creator>Christine Meyers</dc:creator>
				<category><![CDATA[Enterprise Fraud]]></category>
		<category><![CDATA[Continuous Monitoring]]></category>
		<category><![CDATA[Govt]]></category>
		<category><![CDATA[monitoring]]></category>
		<category><![CDATA[NIST]]></category>
		<category><![CDATA[Standards]]></category>
		<category><![CDATA[US Government]]></category>

		<guid isPermaLink="false">http://www.attachmate.com/blogs/insider-fraud-spotlight/?p=130</guid>
		<description><![CDATA[The National Institute of Standards and Technology (NIST) released its proposed guidelines last week, which call for organizations to develop capabilities for continuous monitoring and enterprise-wide tracking of information to better measure the effectiveness of security policies and calculate risk of fraudulent activity. This is a forward-thinking approach by NIST, and we believe this is [...]]]></description>
			<content:encoded><![CDATA[<p></p><p>The National Institute of Standards and Technology (NIST) released its proposed guidelines last week, which call for organizations to develop capabilities for continuous monitoring and enterprise-wide tracking of information to better measure the effectiveness of security policies and calculate risk of fraudulent activity.</p>
<p>This is a forward-thinking approach by NIST, and we believe this is a step in the right direction.</p>
<p>Securing information management systems is essential for the wellbeing of companies. The value of information within today’s organizations is unprecedented, and companies should prioritize investments in ways to better protect and manage their information from insider attacks and fraud. Unfortunately, due to vulnerabilities in organizations’ infrastructure, organizations average approximately 53 employee-related incidents of fraud annually, which translates to approximately one incident per week.</p>
<p>From data storage to file transfers, many companies have distributed information systems that control many different tasks related to content management; companies grant specific permissions to employees to access the information in these repositories. While nearly all employees will access this information in order to complete their work, there is a risk that someone could have more devious intentions. A single case of insider abuse can have detrimental consequences. </p>
<p>The NIST guidelines call for organizations to adopt a “trust-but-verify” approach to information security, granting access to employees while monitoring for suspicious activity. Continuous monitoring provides a full picture of an organization’s security posture, measures the extent to which the organization is threatened by a potential circumstance or event, and enables the organization to make informed decisions to address risk.</p>
<p>Companies can start securing their information now by taking three actions:</p>
<p>1.	Audit your company’s current information management infrastructure to identify where information is being accessed, processed and stored. Because many companies have information spread across multiple systems, it is essential for you to understand all the access points and how different solutions are securing (or not securing) your organization’s important content and data.</p>
<p>2.	Understand the privacy and security policies that are currently in place at your organization and identify where improvements can be made with the NIST guidance. By understanding the policies your organization currently has established and comparing that to the NIST guidance, you can identify areas where your information management systems could be more secure and your information better protected against insider fraud.</p>
<p>3.	Compare information management systems that can help consolidate the monitoring and auditing practices outlined by NIST. Attachmate’s Luminet solution can help companies stop fraud and misuse of important information, achieve compliance with industry regulations without additional coding, and more easily create accurate, detailed audits of network access.</p>
<p>It is important for organizations to trust the people they hire, but it is also essential organizations take steps to protect themselves from the possibility of an insider attack on information. Be sure to check out the proposed NIST guidelines today to protect your information tomorrow.</p>
<p>-Christine Meyers, senior product marketing manager, Attachmate Luminet</p>
]]></content:encoded>
			<wfw:commentRss>http://www.attachmate.com/blogs/insider-fraud-spotlight/index.php/enterprise-fraud-2/proposed-nist-guidelines-call-for-continuous-monitoring-to-control-risk/feed/</wfw:commentRss>
		<slash:comments>0</slash:comments>
		</item>
	</channel>
</rss>