Logical and physical security integrated by U.K. startup

Overtis Group Ltd has announced a product that combines logical and physical security, which it says could prove useful as a forensics tool.

LONDON -- Overtis Group Ltd, a new company based in Oxfordshire, is aiming to close the gap between logical and physical security with the introduction of VigilancePro 5.0.

The new product combines the ability to look for digital fraud with the facility to track physical events within a building and to detect suspicious or unusual behaviour.

Within most U.K. enterprises, logical and physical security are usually handled separately by separate teams, even though they both aim to protect their organisation's assets. Yet some say there are significant benefits to creating tie-ins between physical and logical or information security, especially in regard to detection of attempted corporate espionage and mitigating insider threats.

Speaking at the Infosecurity Europe 2010 exhibition, Overtis chief executive Ed McNair explained that the system is able to monitor and enforce policy through agents that are installed on endpoint devices, such as laptops and smart mobile phones. The system also has API that enables it to link to a variety of physical systems, such as door access controls, CCTV systems and even heating and ventilation.

"If an event occurs," said McNair, "we can combine the footage of the CCTV, a screen shot of what's happened on the computer and any other relevant information to show what happened."

He added that the system can also be used to prevent theft from warehouses, since it can communicate with RFID tokens, and flag any unexpected movements.

McNair said the VigilancePro 5.0 logical and physical security product can enforce encryption on endpoint devices down to file and folder levels, and manage content movement according to classification tags, keywords and phrases. It can also check for content such as credit card numbers or National Insurance numbers.

In addition, the product allows customers to set whitelists and blacklists of applications, and also manage how certain applications are used. For instance, policy could dictate that only certain people could post messages to Facebook.

The VigilancePro agents can be installed on standard Windows laptops as well as on BlackBerry and Symbian mobile devices. The agent can also run on Windows Terminals Services to create a secure zone of connected terminals.

Overtis was founded in 2008 and later acquired the antifraud technology of KnightRider Ltd, a company created by Jeremy Barker, a Briton who worked with the FBI in the U.S. on the now-defunct Carnivore programme, which aimed to monitor email and electronic communications. Barker is now head of research and development for Overtis.

The company now employs 30 people, said McNair, and its technology has already been adopted in four police forces.

Fran Howarth, a senior analyst with London-based Bloor Research Ltd, said: "This is very valuable, because it allows you to protect all your assets. I've not seen anything quite like it."

She suggested the combination of physical and logical security has multiple uses in business. For instance, in the supply chain, it could not only help to cut theft, but it could also provide an audit trail to show what processes a product went through. The open API, she said, would also allow it to interface with intelligent video analytics systems, which can be used to detect unusual behaviour patterns on CCTV, for instance in shoplifting or workplace violence.

"Combining that with the digital security side," she said, "it would provide a lot of forensic evidence if you needed it."

Read more on Endpoint security