System Solves 'Anat Kam Syndrome'

Covertix makes a security system that keeps tabs on who is trying to access important documents- and making sure those who shouldn't, don't.

TechIsrael Staff,

Anat Kam
Anat Kam
Flash 90

Israel's defense and security officials are extremely careful when it comes to protecting data. After all,  Israel is where computer security – in the form of the firewall – was invented. Systems do fail sometimes, like they did on Sunday (and the likelihood is low that the crash was caused by Anonymous hackers, since they did not release any purloined documents to the internet, as is their custom) – but those failures are usually do to a technical problem, not a hacker. The Defense Ministry's computer system alone sustains about 80,000 hacking attempts a day, so it's clear that external security is pretty good.

But internal security is another matter, as the Anat Kam case shows. Kam was a secretary in the IDF who managed to copy thousands of sensitive documents – some of them top-secret – which she forwarded to journalist Uri Blau. As an employee, Kam had security access to the computers in her office, and the documents on the servers. Clearly, Kam did as much damage as Anonymous hackers crashing IDF computers and then stealing and posting sensitive documents online would, if they could. The difference between the two is that Israel directs its security systems towards that hackers, who are outsiders; yet there was no apparently no defense against an “internal hacker,” like Kam.

"This entire event could have been prevented if the files were protected, using SmartCipher SmartPolicy by Covertix, utilizing file monitoring and alerts capabilities or good old file level protection" says Alon Samia, founder of Covertix. SmartCipher, Samia says, lets organizations keep track of documents and data that are “at risk" from unauthorized employees who have physical access to servers and can just attach a USB drive to a data port, and copy whatever they want.

SmartCipher operates in two modes, Active Mode and Shadow Mode. Active Mode is the protective, file-level enforcer of an organization’s rules and policies. It controls access to files, wherever they travel, and controls access whether files are online or offline. With the SmartCipher plug-in attached to a file, only individuals with specific rights can even read the file, even if they are able to copy it. SmartCipher's  Shadow Mode performs file tracking and file surveillance, traveling with the file, tracking and monitoring file behavior at any point of use, informing the administrator if a file has been copied, by whom, and when.

With Covertix, a document can contain rules about how it is t be used – for example, it can contain rules about whether it can be printed, copied, or forwarded. And if those permits are in place, the plug-in will report back to the server exactly where the information went. Those rights could vary by computer as well – for example, a rule could be implemented that would let laptop users view, but not edit, a document.  

The rules can analyze content, as well; for example, if a document has one credit card number, it could be assumed that the number belongs to an individual who is trying to buy something on-line. But ten numbers would indicate that the document is a record of company customers that has no business being in the hands of someone outside the organization, and the rules would prevent the file from being opened.

Depending on the level of security, the system could potentially even ban a recipient from accessing the document based on location; for example, if the document rules expect a particular IP address on the recipient's computer and a different one shows up, the reader may be an intruder checking out secrets s/he shouldn't be looking at. In short, Covertix can tell you everything you need to know about where a document goes, who reads it, when they see it, and how they access it - and ensure that those who shouldn't, don't. It's a complete solution for document safety and security – and guarantees that Anat Kam types stay away from the information they're not supposed to see.




top