In previous posts we covered several critical factors that organizations should consider when comparing insider risk management and insider threat monitoring solutions. This article will discuss a more fundamental business factor: Value time.
When organizations evaluate solutions, they consider functionality, total cost of ownership, and the impact on their business of adding the technology. They expect benefits in return. The sooner they see these benefits, the better. The time it takes to realize the benefits is known as the recovery time. A rapid return on investment provides organizations with demonstrable proof that they have chosen the right solution. Dollar for dollar, solutions that deliver value quickly will also have a better return on investment.
In contrast, solutions that require extensive configuration, employee training, or a change in the way employees work will have a longer lifespan. Delaying the time to value can lead to resistance within the organization (“that thing doesn’t work”) and unnecessary charges on unused licenses. It can also cause initiatives to lose momentum and turn solutions into shelving products.
Insider threat monitoring solutions like Proofpoint ITM start with a downside. Operating costs are necessarily higher due to the volume of data collected during video capture and processing. Endpoints may need more processing power to meet their system resource requirements. Storage requirements for raw video, keystroke logs, and screenshots are also higher.
Solutions that are difficult to scale can inhibit deployments, as discussed in a previous article. We see this in traditional data loss prevention solutions that require extensive “tuning” of rules dictating which users can take specific actions with each category of data. In this example, each time a new dataset or user group is added, new rules are required. This is also an important feature of insider threat monitoring solutions. These require dedicated deployment windows to avoid disrupting worker productivity, different deployments and support for MacOS, Windows, Linux, Citrix and Android, and often interfere with existing endpoint agents for solutions antivirus and identity and access management. Troubleshooting conflicts between vendor solutions complicates deployment and delays time to value. This leads some users to delay full deployment or simply limit deployment to fewer devices, leaving paid licenses unused.
Insider threat protection requires solutions that can distinguish between legitimate use and malicious intent and can be deployed quickly at scale. DTEX installs on hundreds of thousands of endpoints in just hours and begins protecting information immediately with analytics based on proven human behavior patterns. DMAP+ TechnologyThe effectiveness of does not depend on constant human intervention.
Unlike intrusive surveillance solutions, DTEX INTERCEPTION does not require significant overhead. It provides a lightweight and zero-impact cloud-native solution that collects only 3-5MB of data per user every day with low CPU usage and no impact on employee efficiency or performance. This allows customers to benefit from a rapid return on investment:
- Day 1: Within the first 24 hours, DTEX InterCEPT begins to calculate the behavioral benchmarks of users, peer groups and the organization.
- Day 10: Intercept identifies abnormal behaviors that originate from malicious, negligent or compromised users.
- Day 14: The accelerated deployment and intelligence gathering of DTEX InterCEPT provides internal risk benchmarks and produces an overview of organizational risks and actionable recommendations.
Rapid return on investment requires solutions that are simple to deploy and manage, without requiring significant overhead. DTEX InterCEPT provides these features and protects organizations from insider threats without violating user privacy.
The next article in this series will cover the differences in how insider risk management and insider threat monitoring solutions fit into an organization’s existing security ecosystem. Download our e-book MRI vs. ITM for the complete comparison of these two solutions.
The post office Insider risk management time to value is key to adoption and success appeared first on DTEX Systems Inc..
*** This is a syndicated blog from the Security Bloggers Network of DTEX Systems Inc. written by Jonathan Daly. Read the original post at: https://www.dtexsystems.com/blog/time-to-value-for-insider-risk-management-is-key-to-adoption-success/