Prism Microsystems unveils new SIEM solution, EventTracker v6.2


Prism Microsystems Inc. announced Monday the availability of EventTracker v6.2, the latest version of its complete SIEM (Security Information and Event Management) solution that integrates real-time log management, correlation and change management. The release is available immediately. A key feature delivers enhanced protection from insider theft by monitoring both the insertion and removal of USB (universal serial bus) storage devices, as well as by tracking any data that is modified on, copied onto or deleted from such devices.

Data theft stemming from intentional or unintentional employee abuse is often the most damaging, costly and difficult to deal with. To be successful, companies have to entrust their internal users with access to critical resources and sensitive data. Ensuring the correct use of such access, however, becomes difficult when employees can steal information from corporate networks and databases using ultra-portable USB devices.

Disabling USB ports across the enterprise hurts productivity at a time when businesses are increasingly dependent on storage devices for efficient file sharing. Some SIEM solutions have taken a step in the right direction by providing capabilities that monitor the insertion of USB devices. However, this does not detect whether a user has copied any data, nor does it help with forensic analysis in tracking an internal breach to a specific user, system or time period.

Prism Microsystems delivers business-critical solutions to consolidate, correlate and detect changes that impact the performance, availability and security of IT infrastructure. EventTracker, Prism's enterprise log management solution, combines SIEM with change management to defend critical IT assets from emerging and traditional cyber attacks and ensure compliance with regulatory standards. Prism's solutions are designed for the needs of mid-size enterprises and are easy to use, feature rich and highly scalable. With over 650 customers in 50 plus countries, EventTracker is deployed in multiple sectors including government, financial, retail and healthcare. Prism has its corporate headquarters located in Columbia, Maryland.

"EventTracker 6.2 brings data protection and advanced forensic analysis to the Windows workstation. While monitoring servers to improve IT security remains essential, it is not enough - there are many points of potential data leak in the enterprise. With the prevalence of shared drives, theft can occur without any physical access to the datacenter. With insider abuse on the rise, companies need to be able to monitor workstations for theft in a way that is non-intrusive for employees. With the latest version of EventTracker, companies can not only monitor the use of USB devices, but also track files written to/deleted from such devices. When unauthorized activity is detected, automated remedial action can be launched to alert administrators and immediately disable the device," said A. N. Ananth, CEO of Prism Microsystems.

Other new features in 6.2 include Virtual Collection Point, the virtualization of the collection/processing/archival stack, which maximizes the use of existing hardware, speeds up report processing and offers better scalability. The release also offers remedial actions that can be launched locally on a Windows workstation or on the server side in response to any event. It adds support for Windows Server 2008 and for application log files in XML (Extensible Markup Language) and CSV (comma-separated values) format, in addition to support for IIS, W3C, EVT/EVTX, Text, NCSA, URLSCAN and HTTPERR. It also offers advanced log data analysis with Trend Analytics, and provides new reports for Cisco PIX, MS Exchange ActiveSync (mobile devices), NetApp Data ONTAP, Snort, NetScreen Firewall and Sophos AntiVirus.