The Internal Threat – Security within the Perimeter

In an era of shared information and resources, IT security executives - traditionally focused on 'securing the perimeter' - are taking a fresh look at internal network security. Even the most sophisticated gateway solution, designed to control access into and out of the network, cannot address the internal threat. For example, an insider can connect a mobile phone or his PDA to his PC for synchronization purposes and at the same time open a connection to the internet that bypasses the gateway hence creating an unsecured access route into the organization.
Information Security managers acknowledge this lack of ability from gateway security solutions yet find it difficult to control the activities of internal users who, purposely or accidentally, with no malicious intent, could cause severe, irreparable damage to the organization.
 
Promisec Spectator^TM Professional – Complements Gateway Security Solutions

Promisec Spectator^TM Professional’s Clientless Endpoint Security Management (CESM) software from Promisec^TM provides the organization with a complete security solution that protects it from threats originating within the internal network, caused by its own users or other insiders. The solution is a software only solution that is normally installed on an administrators desktop or on a server in the SOC/NOC (Security/Network Operations Center) and NOT at the gateway.

As more and more people are granted access to mission-critical data and resources, many of today's threats originate from endpoints within the network. Internal users, often with access to the most sensitive of company information, can either maliciously or unwittingly introduce harmful code into their PCs. Trusted employees can copy confidential information for use outside the organization unhindered.
In today's IT environment it is essential for enterprises to combine a CESM type of solution with existing gateway security solutions, that enhance and complement each other in order to provide total security for both the network perimeter and the internal organization.

Why Clientless?
 
Detects, Repairs, Prevents, Monitors

With Detection, Repair, Prevention and Monitoring modules, Promisec Spectator^TM Professional delivers a comprehensive solution to manage security on all organization network endpoints and servers. Promisec Spectator^TM Professional:

• Detects hidden threats. Promisec Spectator^TM Professional identifies threats that have bypassed gateway security systems and embedded themselves in the network - rogue access points, modems or any other peripheral device added to any network endpoint or server, and unauthorized processes or applications.
• Repairs threats before they result in a security breach. Leveraging remote remediation technology from a centralized management console, Promisec Spectator^TM Professional enables security administrators to remotely kill harmful processes and reverse dangerous registry changes, directly from their own workstation.
• Prevents the leak of confidential information. Promisec Spectator^TM Professional prevents the use of mass storage devices or any peripheral I/O device - whether on-board or external - on any endpoint or group of endpoints. This effectively stops individuals from illegally copying sensitive company information onto portable devices. 
• Monitors for Compliance. In today's environment of ever-evolving regulatory standards, Promisec Spectator^TM Professional enables organizations to ensure constant compliance. By constantly inspecting each and every endpoint and server in the network, Promisec Spectator^TM Professional ensures that compliance is strictly and continuously maintained according to company policy. If for any reason an endpoint becomes non-compliant, Promisec Spectator^TM Professional can return it to a state of compliance using the built in 'Repair' module.

Product FAQ

Promisec Spectator^TM Professional for Regulatory Compliance

Security solutions available today, that are meant to protect the internal network, only offer a partial answer to the wide spectrum of threats that originate from within the organization.  Promisec^TM with its unique CESM technology provides a comprehensive solution for organizations to protect themselves from the type of threat caused by individuals within the organization that can jeopardize business continuity or in extreme cases endanger the very existence of the organization.
 
Unlike other internal network security solutions, Promisec Spectator^TM Professional requires no resource-sapping client installation and maintenance. With an intuitive interface designed for use and customization by non-technical users, Promisec Spectator^TM Professional is ideal for IT executives with a hands-on approach to internal security - demanding no additional staffing or training to effectively counter the internal threat. This gives them the power to identify unauthorized applications such as Instant messaging programs or file sharing programs that can bypass the company’s gateway security devices and endanger the entire network. The installation of unauthorized Access Points or WI-FI are also  sources of unauthorized access to a company's network, that easily bypasses security solutions installed at the gateway.  Promisec Spectator^TM Professional is therefore the perfect complement to existing IT security devices that protect the perimeter by providing the same level of security within the organization at the endpoint and server level. 

Granular Threat Protection

As a comprehensive internal security management tool, Promisec Spectator^TM Professional provides centrally-managed, granular access to each network endpoint - down to individual ports or peripherals on individual user workstations. Drawing updated user information from LDAP or Active Directory, Promisec Spectator^TM Professional supports thousands of users, or user groups - allowing definition and enforcement of security policy at all levels.    

The Right Detection, the Right Remedy, the Right Prevention

Each organization is a unique entity - facing unique security considerations and threats. That's why Promisec^TM never assumes to understand its clients' networks better than their own IT professionals. Complementing an extensive built-in library of pre-defined threats, Promisec's solutions also allow IT security administrators to define, detect, monitor and prevent custom threats - based on their own intimate knowledge of their organization and network environment. Promisec's 'User Defined' module allows simple and powerful definitions of threats - and the appropriate system response and notification.