We recently spoke with Sean Ofir from Observe IT and their Australian agent, Boaz Fischer from Commsnet Group about their innovative business that helps companies reduce insider threats including employee fraud, unauthorised access, hacking and more.
So tell us, what does Observe IT do?
At Observe IT we essentially help large organisations understand their business and insider risks by helping to identify individuals who are exposing the organisation to threats. We do this by looking at different user’s behaviour and understanding what they are doing based on their activities and devices they are using. This allows us to raise any red flags early enough before the company is harmed.
When employees or consultants are planning to leave a workplace, they tend to start collecting data, copying files, or using programs abnormally. Our systems can tell you that, for example, an employee has started using Dropbox with abnormally high activity or during after-hours. We can put such individuals on a watch list and start gathering the necessary evidence of the imminent fraud, preventing such actions before they can be carried out.
Are all insider risks posed by fraudulent employees?
Definitely not. Very often the internal risk comes from innocent and unsuspecting employees, who have good intentions but are oblivious to the firm’s online security policies. Many hackers today attack company’s security using innocent “insiders” as a conduit for their fraudulent behaviour, by installing viruses on unsuspecting employees computers (e.g. if the employee downloads a torrent which contains viruses).
Observe IT has a very powerful tool: what if it ends up in the wrong hands? Do its owners have policies as to who their clients are?
It is similar to selling a car. You don’t know if the buyer is going to drive the car responsibly or not. We merely sell a tool. In saying that, obviously, we have a very strict policy as to who is able to use our systems. We provide our system only to permitted countries and are constantly keeping track of who is using it and what purpose they are using it for.
OK so what is the usual customer profile?
The main industries we deal with are financial institutions; banks, insurance companies and financial services as well as the telecommunication industry. In Australia we have Telstra, Optus and of course the government sector as some of our major clients. The target market are those organisations that have sensitive targets, sensitive assets and they need to protect those critical assets from theft fraud or sabotage or mistaken breaches of security. Basically, whenever organisations are subject to heavy compliance requirements, clients will need us.
What are the positives of working in the Australian business environment?
Sean: I like the people and atmosphere and the honest and respectful way people do business. On an operating level it is a bit frustrating because of the laid back culture. Australians tend to do business only in the second half of the financial year, unlike America, who have a culture of finalising deals in the first half of the financial year.
Boaz: As an ex-Israeli, I look for Israeli technology that suits the Australian business environment. The security needs to be highly sophisticated and there is a constant battle to outwit the hackers. You cannot rest on your laurels. You have to provide a solution that has thinking way ahead of its time- that thinking mostly takes place in Israeli. .
You mention that of course Israel is the place where security thinking is way ahead of its time. Why do you say that?
Sean: People often ask how Israel became the second largest Silicon Valley in the world. It is a small country with no natural resources facing many challenges. It is precisely due to these challenges that the country has to focus on survival and security. This has driven us to define innovative technologies to protect us in terms of security and agriculture. Israelis also tend to be risk-takers. They come from the army, understand risk, and then adapt that approach to risk into the business world.
Boaz: The Jewish way of life believes in education. But saying that knowledge is power is not 100 percent accurate. Knowledge is only power when you put that knowledge into action. Then it becomes power. Furthermore, the principle of encouraging start-ups in Israel is very well supported by the government and local industry.
Recently we have participated in a loan transaction involving Bitcoin and the parties used Blockchain technology to enable the Bitcoin assets to be secured and held in escrow for the lender. What are your thoughts on Blockchain security?
Boaz: Bitcoin is a virtual currency which has created a lot of interest. There hasn’t been a lot of support from the financial community but it is slowly getting there. One of the challenges for people owning Bitcoins is losing the keys- if you lose your keys you lose your Bitcoins. Big companies holding keys in escrow have been hacked and lost all their Bitcoins. From the outset you need to understand HOW to manage and store the keys. I wouldn’t recommend storing the keys with a third party as there is no guarantee that that third party is fool-proof.
ObserveIT is trusted by over 1,200 customers in 70 countries across all verticals. For more information on ObserveIT, visit www.ObserveIT.com.