This is a clever gizmo which sits between a data centre and people accessing the data which has an active alert function and which can reconstruct changes people have made to systems as well as preclude certain users from doing different things.
Gabor Marosvari, product marketing manager at Balabit, showed data that demonstrated that 88 percent of internal problems and caused by abuse of privileges, and 71 percent of all misuses are made using LANs, with 21 percent of those using remote access.
Firewalls, security information and event management (SIEMs) and password managers aren’t enough to protect systems, Balabit claims. Balabit’s SCB, however, controls privileged user access to remote servers, heads off malicious actions at the gorge, records activities and reports actions for compliance and decision support, it claims. If an intrusion happens, the system can be set up to email the god or goddess that runs the SCB system, and to text them too, if required. It supports the following protocols.
Balabit also claims that it has little competition in the sector. Wallix, CyberARK, Xceedium and Dell Quest use jump hosts; Observe-IT, Centrify and TSFactory are agent based, while Intellinx is a network sniffer.
Balabit, which received an £8 million series A funding from C5 last week, targets banks, central government, telcos, cloud and MSPs, big manufacturers, large enterprises and enterprises using outsourcing. It doesn’t have any offerings for SMBs, and the cheapest implementation is likely to cost in excess of $10,000. Customers include Raiffeisen, Orange, Telenor, Handelsbanken and Ankara University.
Of course, the big question is that it will be one or two superusers, such as auditors, that has access to the device that monitors an entire enterprise.
Quis custodiet ipsos custodes – who will guard the guards themselves? Because she, he, or they are humans too, subject to the emotions, passions, greed and chicanery that affects all of our species.