Security software that's perfect for San Francisco government

Demo: Listen up Mayor Newsom. There's new software on the block you might want to check out that keeps a close eye on IT workers.

Elinor Mills Former Staff Writer

Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service and the Associated Press.

See full bio

Elinor Mills

Sept. 11, 2008 10:26 a.m. PT

SAN DIEGO--A standoff between San Francisco city officials and a city employee jailed this summer for allegedly refusing to reveal passwords to the city's computer network could have been avoided with technology launched this week at DemoFall.

Terry Childs, a network administrator for the city of San Francisco, was jailed July 13 on four felony charges of taking control of the city's computer network and locking administrators out. He eventually gave up the passwords to the Mayor in a secret jail-cell meeting a week later.

Things would have been different if the city had been able to use Lanxoma, software used to authorize and monitor activities of IT administrators, according to Manoj Patel, chief executive of Lanxoma creator Unity Solutions. The product was launched Monday at DemoFall.

The software records everything IT workers do while having privileged access and ensures that they can't do anything without first being authorized. It logs every action they take, including recording their keystrokes.

The insider threat is the biggest of the threats facing corporate and large-scale networks, and IT workers have the most power to do damage because they have access to everything on the network, according to Patel. Enforcement is key, he said, adding that not every IT worker needs free reign of the network.

"It can't stop (the action), but it creates evidence that can be used to prosecute a worker," he said. "Just like a video camera. It doesn't prevent the break-in," but it helps the investigation.