What is e-StepControl?
E-StepControl is a software used as a means of data security to identify any suspicious activity likely related to privileges violation that is carried out by an information system user or by some other person using stolen user account data. The suspicious activity is understood as the activities that were not typical to the particular user behaviour during the previous accesses to the information system.
E-StepControl is a solution that enables the information system manager to detect, for example, the events of user account data stealth and misuse by another person acting on behalf of the user without his/her knowledge, or the events of violation by the user of his/her privileges for any reason.
What is the purpose of the Software?
e-StepControl is aimed to identify suspicious activities of authorised system users and inform the system manager of such activities.
Some examples of suspicious user activities:
- The user starts searching the system for a larger amount or a broader range of data than he/she was typically searching during previous sessions.
- The user performs a repetitive operation with increasing frequency, for instance, prescription of massive amount of the same type medication is detected.
- The form of user system authentication is not typical to the user’s previous accesses or there are significant changes in the typical system access time.
How the System works?
e-StepControl carries out application-level event analysis; its main advantage is the ability to use both signature-based event analysis and anomaly-based approaches.
e-StepControl activities are logically divided into the following steps:
- „Capture user activity events, learn and form a user activity pattern” - Initially, the system captures event data from the monitored system and complements its knowledge of a particular user or user group behaviour.
- „Carry out real-time monitoring, identify deviations, report” - Since the collected user behaviour data amount is considered to be sufficient, the event data captured later are compared to the generated behaviour pattern of the respective user based on pre-defined metrics. Finally, e-StepControl decides which user activities are to be considered as abnormal and sends an alarm message to the security module of the system under monitoring.
Address: Tallinas Street 51a, Riga, LV-1012
Contact person: Aivars Rožkalns
Phone: +371 67082600