IBM announced a new security product Friday that helps protect companies from internal attacks on their IT systems.
The Identity Risk and Identification software analyzes the activity of users on a network, looking for irregularities that might be a tip-off of unauthorized or improper access.
The component is part of IBM's Identity Management Services, one of its security software offerings. The software is configured to integrate with the company's Tivoli Identity Manager and Tivoli Access Manager, both of which manage passwords and permission to use applications, IBM said.
The new software can compare a user's previous online activity with new activity along with plotting that use against other peer users, IBM said. It can also do a prospective analysis, providing a heads up for potential misuse, IBM said. Patterns can be plotted in reports, the company said.
IBM said Identity Risk and Identification is a step beyond user IDs, passwords and even biometric or secure cards, since those ID methods confirm user access but can't verify proper use.
A 2005 survey by the U.S. Federal Bureau of Investigation and the Computer Security Institute found that 56 percent of organizations reported internal security breaches, a figure that represents a growing threat to businesses, IBM said.