Ohio Government Agency Selects Intelligent ID to Protect Sensitive Data and Combat Insider Threats
The Ohio Government Agency is responsible for serving the needs of 90,000 developmentally disabled residents of Ohio, with 10 developmental centers and over 3,000 employees. On a daily basis, employees at the Agency come in contact with sensitive patient information, including Social Security, Medicare Numbers, and other crucial pieces of PII. Ensuring the safety of this data, along with monitoring employee activity for Code of Conduct misuse are vital to achieve their mission statement.
“We now needed protection from an internal perspective.”
–Chief Information Officer
The goal of the Ohio Government Agency’s Chief Information Officer has been to significantly improve the security posture of the organization. Before implementing Intelligent ID, the CIO had effectively secured external threats but had not yet solved the pervasive problem of the insider threat. His answer? “We now needed protection from an internal perspective.” Protection from an internal perspective covered multiple monitoring areas for the Agency. While securing sensitive data from internal misuse or malware was a top concern, other
items, such as monitoring employee activity to ensure proper behavior with respect to their Code of Conduct, were vital to protect the department’s reputation. Additionally, the solution
needed to be easy to use from both a technical and non-technical standpoint, appealing both to the IT and HR staff, while providing substantial forensic evidence, robust reporting and
detailed audit tracking.
In 2011, Intelligent ID was chosen to complete the Ohio Government Agency’s security posture and to provide comprehensive transparency into internal activities that could affect their sensitive information and reputation. After completing a pilot deployment program which monitored the activities of approximately 100 user-based identities, the Agency proceeded with the procurement of Intelligent ID for their entire department of 2500+ user-based identities.
In order to obtain the level of security and monitoring identified by the department, monitoring criteria from the four main categories of Intelligent ID [Identity Monitoring, Data Loss Prevention, Productivity and Infrastructure] were implemented to address their needs. Additionally, OnGuard Systems worked hand-in-hand with the Agency to create new features developed to address specific needs and concerns of their department and others like it. Intelligent ID proved to be effective in enhancing DLP, monitoring user activity and providing
insight into how data is used within the organization. Unexpected additional benefits proved to exceed executives’ expectations, such as filling gaps in existing solutions and reducing the
workload on investigatory incidents by orders of magnitude.
“The number one item is the amazing DLP aspects of IID.”
-Data Security Supervisor
Monitoring with Intelligent ID
Intelligent ID’s unique design, along with its ability to customize and adjust monitoring levels to each individual organization’s needs, proved to meet the requirements set forth by the Ohio
Government Agency’s employment practices. “IID allows us to adjust everything so that we have a standard monitoring platform across the agency that allows us just the right amount of monitoring. [It] really stands out in the ability to customize to the level the agency needs,” said the Agency’s Data Security Supervisor.
The Ohio Government Agency utilized Intelligent ID’s group monitoring architecture by applying different monitoring criteria to different departments. For example, by providing specific rules to the IT department versus the HR department, more accurate monitoring was conducted, reducing the number of false positives generated and gathering more relevant information.
User Activity Monitoring
Monitoring user activity with Intelligent ID from a productivity and activity perspective assisted in providing the Agency with detailed information that no other tool was able to generate. Intelligent ID was able to report more accurate usage information based on ‘active time’ measurements for both application and browser activity. This information proved pertinent in identifying breaches of the Agency’s Acceptable Use Policy.
Additionally, with the capability to monitor the keybuffer for suspect key phrases, Intelligent ID was able to detect further Acceptable Use Policy violations from the Ohio Government Agency’s Code of Conduct. The Agency’s administrators gained the ability to determine when unapproved websites were visited, unapproved content was created or other potential harmful activities were performed based on user keyword behavior.
Sensitive Data Protection and HIPAA Compliance
With the daily activities revolving around sensitive content, monitoring and alerting on potential breaches or unauthorized access proved a vital feature for the Ohio Government Agency. This helped not only give the Agency peace of mind that their data is secure, but that they were compliant with HIPAA regulations. “The number one item is the amazing DLP aspects of IID. Knowing how, when and where all sensitive data that must comply with HIPAA is being used has been great,” stated the Agency’s Data Security Supervisor.
Intelligent ID enhanced the Agency’s DLP efforts through features such as monitoring removable media, protecting against unauthorized copies to USB drives and encrypting files that have been deemed sensitive. The Agency further utilized Intelligent ID’s Sensitive Data Crawler Tool to identify and protect all files containing sensitive information on their endpoints. Additionally, Intelligent ID’s keybuffer and clipboard monitoring technologies were utilized to scan for sensitive data misuse at the user level by identifying sensitive patterns, such as Social Security and Medicare Numbers, and determining if they were being used inappropriately.
Endpoint Infrastructure Monitoring
Intelligent ID also provided unexpected benefits to the Ohio Government Agency by supplementing systems that were already in place, such as antivirus software. “IID helps a ton in investigating what malware is doing versus what we suspect a user to be doing. This is very important since most antivirus software is only able to detect 50 percent of the threats
currently out there,” said the Agency’s Data Security Supervisor.
In addition to malware identification, the Agency utilized Intelligent ID’s infrastructure monitoring capabilities to implement whitelisting / blacklisting for both network connections
and processes running on their endpoints. The Agency further utilized Intelligent ID’s HotFix, Registry and application monitoring to ensure proper endpoint administration and
“We are almost 100 percent VDI and IID fully works with no performance issues due to the agent’s low footprint.”
-Data Security Supervisor
Deployment and Implementation
The deployment of Intelligent ID at the Ohio Government Agency proved to be unique, yet simplistic. The Agency utilizes a state-of-the-art Virtual Desktop Infrastructure (VDI) for
the majority of all endpoints, both client and server. From a server deployment strategy, a Windows Web Server utilizing Internet Information Server 6.0 was provisioned from their virtual environment pool. This server was then setup with in-house signed SSL certificates to ensure proper encryption from endpoint to server. Server health monitoring was configured utilizing Veeam Monitor which provided detailed resource consumption data needed for scalability purposes as additional user-based identities were deployed.
When deploying to endpoint user workstations, elements of Intelligent ID were integrated at the VDI image layer to ensure proper distribution to all provisioned endpoints. From there, an Active Directory login script was utilized to ensure all users would download and launch the latest version of the Intelligent ID endpoint client.
Importing user accounts to Intelligent ID was a streamlined process. Intelligent ID connected directly to the Ohio Government Agency’s Windows Active Directory structure for ease of userbased identity import. By syncing groups in Active Directory to Intelligent ID groups, specific monitoring criteria were able to be configured on a permission based level.
Once implemented, Intelligent ID not only provided its own set of monitoring criteria, but also enhanced the capabilities of the Ohio Government Agency’s additional monitoring products. Intelligent ID helped fill gaps identified in the Agency’s ProofPoint email monitoring solution, as well as their Websense browser traffic proxy.
Intelligent ID’s Ease of Use
The Ohio Government Agency not only had a need to protect their information internally, but needed to do so in a way that would not disrupt work flows or require heavy time and resource commitments to administer. The Director of Human Resources at the Ohio Government Agency reports that she needs only ten minutes per day to glean the information from Intelligent ID that she requires for investigation into user issues. Readily-available reports, audit trails and irrefutable evidence saves additional time and resources, where previously it may have taken
weeks to build a case and take disciplinary action.
For the IT staff, Intelligent ID also proves to save time and resources. “IID has proven to be a great time saver over other tools we used in the past for investigations. In the past, we had to manually go through CSV files that were exported from the web filter. With IID we are able to get real time alerts on any conditions we set. These alerts also contain screenshots enabling strong cases to be built when needed…Investigations into user activity have become easy,” stated the Ohio Government Agency’s Data Security Supervisor.
“With IID we are able to get real time alerts on any conditions we set.”
-Data Security Supervisor
The Benefits of Utilizing Intelligent ID
The Ohio Government Agency reports that Intelligent ID has helped to further its mission statement by securing the confidential information of those whom it serves as well as enabling a safer and more secure work environment for employees, contractors and management alike.
In regards to the Agency’s experience and benefits derived from Intelligent ID, the Agency’s Data Security Supervisor added, “IID stands out from the competition because there are no other products like it. Most other tools were strictly for DLP and did not include the other modules that IID has that tie in to make a better product for DLP. For activity monitoring … based on cost and complexity of deployment … it did not make sense compared to the ease of deployment of IID. The ROI has been very good, as IID has several components that would normally be separate products.”
Request a Demo Allow our team to show your team the innerView difference.