The name of the base system (platform): | Circuit of information security of SearchInform (KIB SearchInform) |
Developers: | SearchInform (SearchInform, New Search Technologies, NPT) |
Last Release Date: | September, 2013 |
Technology: | Cybersecurity - Information loss prevention |
AlertCenter is a sensor for violations of corporate cybersecurity policy and a tool for analyzing the organization's information flows. The key innovation of this version is support for dictionary search, which makes it possible to detect confidential documents among the data sent by users more reliably.
AlertCenter is the central component of the "Circuit of information security", from which the whole system can be operated. New types of search have appeared in AlertCenter:
- attribute search. For example, an employee's activity in ICQ, e-mail and social networks used to be hard to track because it was hidden behind fictitious names (nicknames, logins) such as lastochka666; now it can be identified by the domain name under which the employee is registered in the corporate computer network;
- regular expression search. This type of search helps, in particular, to find out whether any employee is passing clients' personal data to competitors. Recall that ensuring the confidentiality of personal data is a duty imposed on the company by Federal law No. 152 "About personal data";
- digital fingerprint search, which helps to reveal important documents in what employees send over different channels;
- search using synonym series, which helps to find out, for example, whether employees are talking in ICQ or Skype about a certain subject (for example, a bribe for handing the company's know-how to a competitor).
It also became possible to detect encrypted archives in the information sent by employees, to recognize text in graphic files (scanned documents), to create "white" lists of employees who will not be subject to checks, and so forth.
The summer 2012 version of AlertCenter introduced a new mechanism for building information security policies: refining queries (including ones that use regular expressions). They make it possible to build queries that not only search for certain information but also verify that this information satisfies defined criteria. For example, after detecting a suspicious fragment with dictionary search, AlertCenter can additionally check the structure of the detected fragment and generate an incident only if data in tabular form is detected. This capability significantly simplifies the detection of data leaks from corporate information systems while reducing the number of false positives.
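The two-stage check described above can be sketched as follows. This is an added example, not SearchInform code: the dictionary, the delimiter list, the thresholds and the function names are assumptions chosen for illustration, and the sample texts are constructed.

```python
import re

# Hypothetical dictionary of sensitive terms and candidate column delimiters.
DICTIONARY = {"client", "passport", "account", "salary"}
DELIMITERS = ("\t", ";", "|", ",")

def dictionary_hits(lines):
    """Stage 1: indexes of lines that contain at least one dictionary term."""
    return [i for i, line in enumerate(lines)
            if set(re.findall(r"[a-z]+", line.lower())) & DICTIONARY]

def is_tabular(lines, min_rows=3, min_cols=3):
    """Stage 2: True if min_rows consecutive lines split into the same
    number (>= min_cols) of columns on one delimiter."""
    for delim in DELIMITERS:
        run, prev = 0, None
        for line in lines:
            cols = line.count(delim) + 1
            if cols < min_cols:
                run, prev = 0, None      # not a table row: reset the run
                continue
            run = run + 1 if cols == prev else 1
            prev = cols
            if run >= min_rows:
                return True
    return False

def incident(text, window=3):
    """Report an incident only when a dictionary hit sits in a table-like block."""
    lines = text.splitlines()
    for i in dictionary_hits(lines):
        block = lines[max(0, i - window): i + window + 1]
        if is_tabular(block):
            return True
    return False

# Constructed samples: ordinary chat versus an export from an information system.
CHAT = ("Did the client sign the contract?\n"
        "Yes, I will send the account details tomorrow.\n")
EXPORT = ("client;passport;account\n"
          "Ivanov;AA 000001;ACC-0001\n"
          "Petrov;AA 000002;ACC-0002\n"
          "Sidorov;AA 000003;ACC-0003\n")
```

Both samples trigger the dictionary stage, but only the export passes the structure check, which is how the second stage cuts false positives.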
Update of fall 2012
In the fall 2012 version, the AlertCenter module, which manages notifications about detected information security incidents, received improvements most of which will be appreciated by the large companies and state organizations that make up a considerable share of the users of the "Circuit of information security of SearchInform". The speed of checking information against the configured security policies increased significantly, and a number of interface improvements were implemented: the ability to set ranges of IP addresses, highlighting of search results for compound queries, and many others.
Update of the beginning of 2013
The product SearchInform AlertCenter, the sensor for violations of corporate information security policy and the tool for analyzing the organization's information flows, was also updated. The new version raises the program's level of protection against unauthorized access: the SearchInform AlertCenter console now requires authorization, and access rights can be differentiated by groups of alerts. The head of the security department can now set different specialists' access rights to different alerts. For example, some can be allowed to edit security policies and view incidents, others can be allowed only to view policies and check results, and the rest can be prohibited from viewing both security policies and incidents. SearchInform AlertCenter also gained the ability to create "black lists", which restrict checks strictly to the users listed in them.
Update of fall 2013
The main improvement in SearchInform AlertCenter, the product responsible for automatic analysis of intercepted information against criteria configured in advance, is support for working not only with indexes but also directly with the databases of SearchInform FileSniffer, SearchInform MonitorSniffer, etc. This significantly reduced the amount of "manual" work for information security specialists. The improvement makes it possible to automatically reveal data that cannot be indexed (i.e. data that contains no text) by certain attributes: date, user account, etc. For example, screenshots can be intercepted automatically from those machines on which a certain process is running. Because the function works in real time, those responsible for information security receive the analysis data and the related notifications at exactly the moment the user attempts to violate a security policy. Work with regular expressions was also significantly improved in the new version of SearchInform AlertCenter. On the one hand, the regular expression check algorithm was optimized, which increased its speed more than 10 times. On the other hand, validation of the names and numbers of bank cards and passports was added, which makes it possible to skip data that looks like bank card or passport numbers but does not conform to the algorithms by which such numbers are generated.
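The bank card case of that validation can be illustrated with a regular expression followed by a checksum test. This is an added example, not SearchInform code: it assumes the Luhn checksum, the standard check digit scheme for payment card numbers, since the page does not name the algorithm the product uses. The pattern, the function names and the sample text are constructed for illustration.

```python
import re

# Candidate pattern: 13-19 digits, optionally split by single spaces or hyphens.
CARD_RE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")

def luhn_ok(digits):
    """Luhn check: double every second digit from the right, sum, test mod 10."""
    total = 0
    for pos, ch in enumerate(reversed(digits)):
        d = int(ch)
        if pos % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0

def find_candidates(text):
    """Stage 1 (regex) plus stage 2 (checksum): list of (digits, is_valid)."""
    found = []
    for match in CARD_RE.finditer(text):
        digits = re.sub(r"[ -]", "", match.group())
        found.append((digits, luhn_ok(digits)))
    return found

def mask(digits):
    """Keep the first 6 and last 4 digits so the alert does not store the full number."""
    return digits[:6] + "*" * (len(digits) - 10) + digits[-4:]

def incidents(text):
    """Only checksum-valid candidates become incidents, reported masked."""
    return [mask(d) for d, ok in find_candidates(text) if ok]

# Constructed sample: one well-known test card number and two look-alikes.
SAMPLE = ("Payment from card 4111 1111 1111 1111 confirmed.\n"
          "Tracking id 1234567890123456 assigned.\n"
          "Backup card: 4111-1111-1111-1112\n")
```

The regular expression alone flags all three strings; the checksum stage discards the tracking id and the mistyped number, leaving a single incident.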