State IT Services Agency protects sensitive information from internal misuse and fraud.
The Delaware Justice Information Services (DELJIS) facilitates the electronic sharing of case information among Criminal Justice Information System (CJIS) participants, which include state and local police, the attorney general’s office, the public defender’s office, courts, and Department of Corrections. Public safety has been greatly enhanced by CJIS criminal case information processing and exchange.
CJIS runs on a central mainframe system which provides several types of user interfaces. CJIS was protected by standard security tools which granted access only to authorized end-users. However, the tools could not monitor what users did or detect or prevent misuse.
DELJIS staff were hobbled by their limited security monitoring capabilities. They lacked the ability to reconstruct user actions to find what specific data was accessed, or to know “beyond a reasonable doubt” if other users had accessed the same information within a specific timeframe. Log files stored on tape were never intended to be audit trails, so investigators had to plow through mountains of paper—reviewing six months of data routinely took more than two months. The DELJIS staff recognized the critical situation they faced and began a search for the best security solution.
Bottomline’s Intellinx Cyber Fraud and Risk Management Solution
Within a few hours after the Bottomline Intellinx pilot system was installed, it was up and running, recording the activity of all users connected to the mainframe. Investigators could now quickly search for user sessions based on any field value and visually replay user sessions, screen by screen. Thanks to a very successful pilot, the Intellinx system was deployed into full production in a very short time.
Bottomline’s Intellinx Analytic Engine technology tracks user behavior patterns at the application screen level, building profiles of users and groups with no performance impact. The non-invasive system generates alerts on suspicious events in real time based on sophisticated algorithms that compare questionable actions with historical and peer behaviors. Recorded data is encrypted and digitally signed, enabling it to be accepted as forensic evidence in court cases.
The Intellinx solution has reduced internal investigation time by more than 90% by replacing labor-intensive, error-prone manual processes with automated, real-time workflows. The system has proven to be an effective deterrent since users know that all their actions are recorded. DELJIS staff now have time and resources to investigate every request from law enforcement agencies, not just major crimes. Intellinx also ensures that the agency fully complies with state and federal record privacy laws.
In the Customer’s Own Words
“The Intellinx results were overwhelmingly jaw-droopingly successful. The logging system performed far better than expected. Turnaround time with the Intellinx system was fabulous.”
Ms. Peggy Bell, Executive Director, DELJIS