You can’t erase every in-house security threat. But there is software to help you manage the risks. Steve Hunt, an analyst at Giga Information Group, puts the software into four categories. 1. Authentication software It answers the question Who are you? Includes passwords, smart cards, biometrics and single sign-on technologies. Web single sign-on is often used as a single point of authentication for browser-based users accessing Web-based applications. Leading vendors include Netegrity and Computer Associates. 2. Authorization software Operating systems such as Unix and Windows NT offer modest protection for controlling who has access to what files. Systems administrators can set permission levels so that certain users can read, write or execute certain files or folders. The problem? The settings are time-consuming to configure and easy for savvy users to override. Authorization software, sold by Computer Associates, IBM and others, enforces the rules you’ve set up. 3. Administration software This software makes access control a little neater. Sold by Access360, BMC Software, IBM’s Tivoli Systems and others, administration software allows companies to keep track of all their users and what access those users have to specific data. It would allow a security manager to place one call instead of asking 25 systems administrators to change access levels, Hunt says. A company with 30,000 employees would spend about $1 million on software and consulting fees. But even then, Hunt says, a savvy internal hacker could cause problems. 4. Audit software BindView, Counterpane and PentaSafe offer products and services for answering the question What happened? They report security events, identify anomalies and identify trends. Companies use audit info to improve the quality of their applications as well as security.Hunt says that CIOs can solve 90 percent of the threat by combining the use of tools such as these with corporate firewalls, internal VPNs and network intrusion detection tools. “That just cost you $2 million if you’re a big company, but you have to ask yourself, What would a competitive espionage breach cost you in market momentum, legal fees or embarrassment?” Hunt asks. “That’s when you take a walk through your cubicles and try to see how disgruntled your employees are.” Related content brandpost Sponsored by SAP Generative AI’s ‘show me the money’ moment We’re past the hype and slick gen AI sales pitches. Business leaders want results. By Julia White Nov 30, 2023 5 mins Artificial Intelligence brandpost Sponsored by Zscaler How customers capture real economic value with zero trust Unleashing economic value: Zscaler's Zero Trust Exchange transforms security architecture while cutting costs. By Zscaler Nov 30, 2023 4 mins Security brandpost Sponsored by SAP A cloud-based solution to rescue millions from energy poverty Aware of the correlation between energy and financial poverty, Savannah Energy is helping to generate clean, competitively priced electricity across Africa by integrating its old systems into one cloud-based platform. By Keith E. Greenberg, SAP Contributor Nov 30, 2023 5 mins Digital Transformation feature 8 change management questions every IT leader must answer Designed to speed adoption and achieve business outcomes, change management hasn’t historically been a strength of IT orgs. It’s time to flip that script by asking hard questions to hone change strategies. By Stephanie Overby Nov 30, 2023 10 mins Change Management Change Management IT Operations Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe