Employee skills play their part in setting security policies, thanks to newly patented Kaspersky Lab technology
Employees of companies often lack experience of working with computers and online services, which may result in an infection of their workstations and endanger critical business data. A new technology from Kaspersky Lab makes it possible to assess staff competence, and automatically assigns different security settings to distinguish between advanced users and newbies.
User understanding of IT security issues has a significant impact on protecting staff computers: a user with a higher awareness is less likely to run a malicious attachment or access a dangerous website. Just one employee with limited knowledge can cause serious problems for a company. For example, a survey conducted by B2B international in July 2012 shows that 31% of companies have suffered data leakage caused by members of staff.
Our new technology, developed by Oleg Zaitsev and Stanislav Shevchenko, is based on an automatic assessment of the employee's computer literacy level. The proposed system, for instance, takes into account which applications are used by the user, password complexity etc. Security policy violations, such as copying confidential information, using webmail services etc., are also considered. This data can be used to expand rights for highly experienced users or place additional restrictions on newcomers or employees known to violate security rules.
The Kaspersky Lab technology also warns employees who have violated security policies – the notification may be provided in text, audio or video format. This approach is intended to increase the user’s computer literacy and help to prevent repeat violations, whether unintentional or deliberate.
New patent № 2460122 brings to over 60 the number of patents Kaspersky Lab holds in Russia. The company’s entire patent portfolio now includes over 120 patents granted by the relevant authorities in the US, Russia, China and Europe.