We could have changed history!
In the famous fairy tale, Little Red Riding Hood approaches “Grandma” who is actually the Big Bad Wolf in disguise. After the initial moment of meeting, she notices that something’s wrong and starts to question her – “What a deep voice you have!” “What big eyes you have!” and finally “What a big mouth you have!” – which is the last uncertainty before she finds her way into the Wolf’s stomach.
If Little Red Riding Hood had used ProfileTailor Dynamics from the get-go, she would have gotten alerted about her Grandmother’s irregular behavior and could have saved herself. Done deal.
Let me prove how three strikes could have rapidly changed the story:
Strike #1: Behavior Based Profiling
Our software is centered around behavior based profiling. It learns each user’s behavior and compares it with the learned profile. So basically, when the Wolf first pretends to be Grandma, even before Little Red Riding Hood gets into the house, the system would have identified that the wrong person was posing as “user Grandma” and would have immediately sent alerts to the security guy, the Hunter. The Hunter would have gotten to Grandma’s house ahead of time and the story would have ended with less swallowing.
Strike #2: Comparison of Key Characteristics
When Little Red Riding Hood asks the questions, at least by the second question, she could have identified that the characteristics were not OK. Creating a profile in our world means that we know what activities a person is doing, the IP address that he used to access the system, and more. In parallel, we’d know the details of Grandma’s real characteristics – the size of Grandma’s eyes and ears, the way she walks, the sound of her voice – so when the granddaughter asks her second question about the weird characteristics, an SMS would have sounded on her smartphone with the text “Alert! High Risk! This person does not seem to be Grandma!!!”
Strike #3: Good Workflow Performance
And last but not least – when a user disappears from the system, (in this case, either Grandma or Little Red Riding Hood, as both were swallowed by the Wolf), the Hunter would have saved them, not just because he coincidentally had been walking by the house – but because he was alerted about a suspicious event of user elimination. In other words, the monitoring system should always check when a user is eliminated if a standard workflow has been conducted and approved beforehand. Users who “disappear” without a “leaving employee” workflow are suspicious. A good workflow will identify that the HR record of an employee was updated for “permanent leave” and will take care of closing all of his user accounts in all systems. A sudden termination of a username should create and send an alert to the Hunter immediately, for further action.
The Moral of the Story
So should Little Red Riding Hood have used ProfileTailor Dynamics? For her own sake she definitely should have, but for the sake of the story – well, considering the amount of security breaches that have been eliminated or stopped by ProfileTailor Dynamics up to today, there would be no story to tell our children.
…But yeah, don’t talk to strangers.
What other fairy tale can you think of that could have been solved using irregular-behavior identification? Share it with us, below.
You might also be interested in reading “Do you Understand the Meaning of Behavior Based Profiling? ”
Xpandion is the leading provider of Authorizations software solutions for ERP. If you have any questions or concerns about your authorizations, contact us now.