Making Its Presence Known: InnerPresence Joins the Security Game


As securing corporate content becomes increasingly requisite, companies find themselves looking for solutions that are robust and invisible. While companies need their content locked up tight, they also need those intended to use that content to be able to do so with a minimum of hurdle-jumping. InnerPresence, which officially launched its first product InnerEye in June, has set its sights on doing just that.

Founded in 2001, InnerPresence is designing products to help companies monitor and audit the behavior of users based on an array of customizable options. The company is quick to set itself apart from DRM vendors, saying InnerPresence is more a component of the security process. "We are not in the business of managing users," explains InnerPresence CEO Doron Myersdorf. Thus, they integrate with whatever network service a company currently uses then manage and enforce security policies in real time—regardless of the user, device, document, or location—across the entire enterprise content food chain. "We regard users, devices, and documents as equally important in the system," says Myersdorf.

The InnerPresence solution, InnerEye, differentiates between an administrator and a user, with administrators having viewing privileges that are not accessible to users. When an administrator signs on, "he has a bird's eye view of all the assets that are under management," says Myersdorf. Administrators can view different tabs corresponding to different sections of the solution: Reports, Tracking, Enforcement, Analysis, Agents, and Users.

The Reports view shows different users and their activity within the system, such as what documents they have read, edited, printed, or distributed, what documents on their device are secure, and which users have been using what devices. Tracking shows a list of template policies and what each policy allows or restricts. The Enforcement layer is very similar to Tracking, but blocks actions in real time; for example, if users attempt to print an unauthorized document, they will be denied and an alert will be sent to their supervisor. Depending on the severity of the violation and the sensitivity of the information, the alert will be in the form of an email, a page, or even entirely shutting down the offender's computer. The product also provides real-time analysis and alerting and it uses risk management algorithms to determine security risks based on the user, device, or file activity patterns.

nnerEye has been designed to act like the Windows systems most users are comfortable with. To secure a document as a user, an individual simply right clicks on the desired document and clicks a new line that has been inserted in the usual menu: IPSecure. The user can then choose from a pre-defined policy or create one based on the needs of the specific document or user. "I don't need to be an administrator to create a policy," says Myersdorf, which enables users to maintain some level of control over their work.

At this time, InnerPresence is targeting the financial, governmental, and biopharmaceutical vertical markets and has extensively Beta tested the product in these areas. They currently support requirements set forth by the Gramm-Leech-Bliley Act, FIPS standards, the Sarbanes-Oxley Act, NASD regulations, and HIPAA.