Addamark focuses on regulatory compliance

Data management company Addamark Technologies plans to announce a new version of its Omnisight software on Monday with features designed to help companies comply with a host of U.S. information security regulations, the company said.

Omnisight 2.0 is the latest version of Addamark's data management product and expands support for new data sources while adding new reports tailored to meet the requirements of specific regulations, the company said.

First released in 2003, Omnisight is a data management product that collects, retains and reviews log files generated by a wide range of devices, including application servers, databases and mainframe systems, according to Adam Frankl, vice president of marketing at Addamark, in San Francisco.

Log files gathered by an Addamark collector device are transferred to a dedicated log server running a customized database optimized to store and search log data, Frankl said.

The system is designed to be scalable. One terabyte of log data requires just 1G-byte of storage space, and the log data can be quickly searched and retrieved using query features built into a separate Analyzer component, he said.

With the new release, Addamark has added a Security Analytics Subscription (SAS) service on top of the Analyzer. The service allows Addamark customers to quickly generate reports tailored to the requirements of specific regulations, as well as prepared reports for reviewing suspicious activity, conducting security investigations or identifying company policy violations, Addamark said.

The idea is to address a specific business problem -- regulatory compliance -- with a tool that allows customers to quickly comply with demands for documentation required by courts and federal regulations such as Gramm-Leach-Bliley Act of 1999 and the Health Insurance Portability and Accountability Act of 1996 (HIPAA), Frankl said.

The recent US$10 million fine levied by the U.S. Securities and Exchange Commission against Bank of America Corp. for failing to produce documents in a probe of personal trading by a former employee is just one example of the need for such technology, he said.

Other improvements in Omnisight 2.0 include support for 40 new types of log files and a Web-based user interface for the Analyzer, Addamark said.

Addamark's technology is often lumped together with Security Event Management (SEM) products, but has a different purpose, Frankl said.

SEM products analyze and correlate log data from security products like firewalls and intrusion detection systems in real-time and contain sophisticated anomaly detection features. Omnisight is intended to efficiently gather, store and analyze log events over months or even years, and often works in concert with SEM products, capturing and storing their output in addition to that of other products, he said.

Noridian Mutual Insurance Company Inc. is using Omnisight 1.0 to comply with HIPAA and track potentially troublesome activities on its network, such as access to privileged patient files and databases, said Troy Aswege, assistant vice president of information systems at Noridian, based in Fargo, North Dakota.