February 13, 2012, 2:28 PM — This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter's approach.
Everyone's seen the headlines. TJX. RSA. Playstation Network. Symantec. Major corporations with massive investments in network security reduced to public ridicule and expensive liability by hackers. Even governments aren't immune, as proven by online vigilantes like Wikileaks and Anonymous.
RELATED: Data breach quiz
It's no longer a question of if network security is going to be circumvented. It's a question of how often - and how much it's going to cost to clean up the mess. When that happens, how does a company ensure that its financial transactions - arguably its most essential digital resource - maintain their accuracy and integrity?
Ironically, financial transactions themselves carry the essential information that can make them impervious to attack, even when security measures fail. The solution comes from a relatively little-known but rapidly growing technology called Continuous Transaction Monitoring (CTM).
What Your Transactions Can Tell You
CTM automatically extracts key transaction information from ERP systems across the enterprise. This data is kept in a secure, independent data warehouse so consistent analyses can take place across disparate systems. These systems are often managed by an outside party to minimize the risk that a compromised user account can tamper with the CTM data.
CTM applies multiple forensic techniques to each transaction as it is executed. These ongoing, real-time analytics give line managers and senior executives plain-language insight into improper or fraudulent transactions, which in turn enables immediate response to complex, rapidly changing attack scenarios. Business process owners can connect high-level trends to the root cause underlying unexpected results without having to wait for reconciliations or audits.
The technology is used for a wide variety of financial needs, such as monitoring purchase cards or travel and expense programs for fraud or misuse, eliminating duplicate or improper payments, or tracking regulatory and corporate compliance.
However, CTM's advanced analytics also enable more sophisticated uses. In one example, a CFO wanted to connect the identification of high-risk vendors and suspicious transactions with the ability to recognize potential FCPA liability situations.
CTM's analytics recognized patterns that only occur at the transaction level so that seemingly unrelated events could be identified and rectified before they became crises. One manager rather than four now handles initial review and escalation for high-risk situations, and the company overall responds daily to FCPA risks that previously couldn't be identified until months after the fact - if ever.
Another company uses a nearly identical CTM platform for a very different purpose. This organization suspected that the same items were being purchased in similar quantities at significantly different prices. However, every purchasing manager was operating within corporate controls and policy. The company knew it was overspending, but it couldn't tell where or by how much.
Using CTM, this company now finds better deals before orders are executed. Every line item on a purchase order is automatically analyzed against similar SKUs - even ones originating in nominally incompatible systems. Opportunities to secure better prices get directed to purchasing managers automatically - before the purchase order is issued to the vendor. Equally important, the CFO receives ongoing reports into vendor contract compliance and areas where the company can negotiate better deals.
While CTM is not a network security technology, it provides an essential security function. Data is always at risk, whether accessed at the network, database or application level. However, the patterns behind improper transactions are consistent. Vendor numbers don't match. Multiple purchases at just under the allowed limit show intentional attempts to circumvent spending limits. The list of patterns that can be recognized once CTM analytics have been applied is almost limitless.
