10 March 2017 / Blog
Zoom Blog Series: Identifying Red Flags in Just Four Clicks: Proactive Notifications
By: Tom Kremer
Consider how far the technology in your home has advanced over your lifetime. Now think about the technological leaps we’ve seen across enterprises and it gives you a glimpse into why the hacker culture of the 1980s has evolved into a for profit business proposition.
How can organizations begin to combat the higher threat of cyber attacks and other security risks that abound in this new technological reality? High-profile hacker turned security expert Mark Abene points to machine learning as part of the solution. He notes that the rise of machine learning algorithms make it easier for businesses to detect unusual behaviors and pinpoint the culprits.
If Abene’s prescription for securing and protecting both your business’ data and your reputation sounds out of reach for your organization, think again. On a daily basis, your enterprise applications transact thousands of events -- some of which are potentially harmful to your business. The key is to know as soon as those transactions occur, so you and your team can act upon a previously undetected event before it can grow and cause a mission-critical disruption.
ENTER ZOOM NOTIFY
You know which types of transactions to flag. Choose from a selection of preconfigured alerts -- and create custom ones -- to get and send proactive notifications of virtually any suspicious transaction occurring in your enterprise applications.
Zoom Notify Examples
A. Changes to System Critical Data – When events occur in your system that require actions to be taken by you or your staff, Zoom Notify can alert immediately with the details of the change. A use case where Zoom Notify excels is when changes to your product components requires several actions be taken. Some of these action are automatic, but others are manual. Timely notification and action on the manual items drives directly to operational efficiency.
Using Zoom Notify, you can create a rule triggered upon changes that occur using a particular form or application. For example, in a manufacturing environment, changes to an item master entry may necessitate notification to vendor, supplier, and regulators.
An alert from Zoom Notify arrives in your inbox looking like this:
B. Alert on Suspicious Internal Activity, Malicious or Not – Employees are required to access sensitive business data every day. Those access rights also allow for potentially devastating data breaches. According to a Grand Theft Data Report by Intel, internal actors (employees, contractors, and third-party suppliers) were responsible for 43% of data loss, half of which is intentional, half accidental. Additionally, the Verizon 2016 Data Breach Investigations Report found 63% of confirmed data breaches involve using weak, default or stolen passwords.
The grouping feature of Zoom Notify enables customization of rules specifically targeted to alert when any individual user performs a specific activity. Zoom Notify will monitor accesses to the specific form or application within your ERP system, alerting if the threshold you define is reached. This game-changing capability enables swift response, thwarting a would be theft attempt.
Creating a rule in Zoom Notify to alert when a user accesses sensitive data too frequently, for example, an employee that is leaving the company wants to screen capture your customer master data, could save valuable time and resources in identifying, and resolving, potential security and compliance breaches.
To aid in identifying breaches of compliance, Zoom Notify can also identify a compromised internal password used to search through sensitive data. A further investigation using the Security & Compliance Module can then map this nefarious activity directly to the ip address or workstation used.
Outcome: Security risk mitigated, 24x7 compliance assurance.
C. System Performance Indicators – Our employees doing the front line work that makes a company run smoothly are often the first to notice system performance issues. The boundary between satisfactory and not is a subject viewpoint of the individual. Using an alert on transaction response time with Zoom Notify you can set a performance threshold so you are alerted before your users that transaction performance is an issue.
The rule pictured above will send you and your defined set of recipients a notification within Zoom as well as an email to all designated individuals. The rule shown above is configured to monitor events with response time longer than three seconds. If five events occur within five minutes (300 sec) within the same System Code, a notification will be sent. Grouping by System Code is a good way to identify issues affecting a single functional group within your organization.
Zoom analytical tools provide a pro-active operations management capability that changes the conversation from vague perception and anecdote to concrete, data backed facts. This serves to validate users experiences, right or wrong, and directs management to areas in need.
Outcome: Reassurance of system performance, easier communications regarding issues, and enabling corrective actions to be taken before your users are affected, or even notice!
Missed any of our posts in the Identify Red Flags in Just Four Clicks series?
Check them out here:
© 2016 Velocity Technology Solutions, Inc. All rights reserved.