Real Time Security Notifications
Some events are best addressed as they occur. Personnel are on duty and charged with monitoring situations and responding to these events at once. Central computer systems frequently have an operations staff charged with this responsibility. These personnel may be notified of these events through a computer console, by email, or by text message.
System Detective provides a method of real time notification through a computer terminal authorized to receive operator messages or through a computer job that provides notification using the full capability of the computer system, including email which may be used to provide paging and text messaging.
For example, a user (or class of users) who works with sensitive information on weekdays, is not expected to log into the computer system after hours or on weekends. System Detective rules might be configured to detect his login after hours or on weekends and display a message on the security operator’s terminal if this event occurs. The rules could also provide for logging the unusual user session to provide an audit trail.