"A lot of data leaks aren't criminal acts, but long-forgotten processes that were created by someone who has left the company or who doesn't understand that something is broken," said Nick Selby, an analyst with the 451 Group. "In our surveys, we found 74% of the IT managers haven't done any work on understanding their internal communication pathways and don't really know how data moves around their networks."
Third, the tools have the flexibility to work with a wide variety of applications, programming interfaces, and existing tools. These products come with a variety of templates and connectors that can handle applications such as syslog servers, Web analytic engines, Java messaging services, and databases, among others.
"Since we are using standard interfaces, we can integrate with a lot of different applications," said Zisapel. "There are a great variety of event sources, they aren't just security and server logs but other things that will provide insight into the processes that aren't working inside the corporation," said Selby. "These tools can answer questions such as if your HR people are inadvertently sending internal emails with confidential information."
Radware provides this example, also from the banking world: "We can look for money laundering situations for a bank, and see when customers transferred more than a certain amount of money from one account to another," said Zisapel. "We can collect these transactions and send them to an anti-fraud system." But they are also used by gambling sites, to prevent users from doing massive screen scraping of their webpages to improve their odds and game the system.
The downside? With starting six-figure price tags, these tools aren't cheap.
"Business intelligence is expensive, and just about anything that you are going to do is going to require that kind of investment," said Selby.