Media Coverage

October 28, 2016

Is Continuous Screening the Future Normal?

SHRM

“‘Background check vendors do a good job with the past,’ said Raj Ananthanpillai, CEO and president of IDentrix, a cloud-based technology that combs publically available sources, including criminal and court records in real time. ‘But people are dynamic and so is the risk they pose to organizations. One-and-done background checks don’t account for the dynamic nature of risk factors.’ … Advances in software mean that continuous, automated risk monitoring can be conducted in real time by analyzing public records. IDentrix assesses risk factors from criminal, financial and professional data sources to keep the employee’s risk profile current. ‘We scour the same thousands of data sources, all in the public domain, and we look at attributes that are relevant to the employer. Trucking industry employers need to know if their drivers got a DUI or aggravated driving incident. Health care employers need to know when their workers’ licenses and certifications expire.'”

Read More

October 17, 2016

Slow implementation of insider threat programs not the cause of latest incident

Federal News Radio

“This is all about continuous risk monitoring and evaluation of the cleared workforce. It’s become a people problem, not a technology problem,” [Raj Ananthanpillai, the CEO of IDentrix], said. “It’s unfortunate to say that we’ve arrived at a place where no one can be trusted. Being able to connect the dots between external behaviors and potential risk assumed inside an organization is the new reality. Background screens of employees are conducted at time of hire. What happens between the gaps of time around reinvestigations — 1, 5 or 10 years? Is there a major life event that triggers an employee’s financial situation or substance abuse that may come to work with that employee? These are the things that we might miss when contractors or agencies wait too long to re-screen. The combination of external and internal risk monitoring and evaluation can provide advance warning and alerts for agencies and government contractors.”

Read More

October 17, 2016

3 Steps to Implement an Insider Threat Program

United States Cybersecurity Magazine

Before you develop an insider threat program, it’s important to make sure it addresses the requirements outlined by the DSS NISPOM Conforming Change 2. The 13 monitoring guidelines as specified in the Defense Security Service Industrial Security Letter include: allegiance to the U.S., foreign influence, foreign preference, sexual behavior, personal conduct, financial considerations, alcohol consumption, drug involvement, emotional, mental, and personality disorders, criminal conduct, security violations, outside activities and misuse of information technology systems. Keeping these guidelines in mind is critical to creating a program that can gather, integrate and report relevant and credible information in a timely way.

Read More

October 17, 2016

3 Steps to Implement an Insider Threat Program

NextGov

By the end of November, the new DSS NISPOM Conforming Change 2 will impact DOD contractors who must have a written program in place to establish an insider threat program. These programs must be able to deter, detect and mitigate insider threats before they can become a risk to classified information. These changes stem from growing concerns over insider threats in recent years because of a number of high-profile incidents. Malicious insiders are a top security threat for federal agencies. For security professionals monitoring cleared personnel, changes in life circumstances can signal alerts that a potential threat could be looming.

Read More

October 3, 2016

Q&A: IDentrix CEO Raj Ananthanpillai on How Contractors Can Prepare for the Insider Threat Monitoring Rule

FedPulse

“Federal contractors will be required to monitor the risks posed by their cleared workforce, both on the job and outside the job. They need to do this by implementing a written program that will detect, deter and mitigate insider threats by gathering, integrating and reporting relevant and credible information covered by any of the 13 personnel security adjudicative guidelines. This may include suspicious network activity, personal conduct, financial considerations, alcohol and drug use, mental or personality disorders, and criminal conduct or security violations. The consequences of non-compliance are potentially drastic: If contractors do not implement procedures for monitoring those clearance holders, they could lose their facility clearance — which would in all likelihood mean the company would lose its contracts.”

Read More

September 21, 2016

Background Screening Goes with the Workflow

SHRM

“Although most companies screen employees once, at the prehire stage, the new normal may be continuous, post-hire monitoring. Post-hire due diligence can identify something that may have been missed initially or new threats that may arise due to an individual’s change in circumstances. ‘One-and-done background checks are limited and expensive and don’t account for the dynamic nature of risk factors,’ says Raj Ananthanpillai, CEO and president of IDentrix, a cloud-based technology that combs public records, including criminal and court documents, in real time.”

Read More

September 1, 2016

The Morning Risk Report: Defense Contractors Face New Insider Threat Rule

The Wall Street Journal

“‘This is a step in the right direction,’ said Mr. Ananthanpillai, as more stringent oversight has been discussed since the Edward Snowden data release of government secrets and the fatal 2013 shooting of 12 people at a U.S. Navy facility in Washington, D.C., which was done by a person who had a security clearance. The problem, said Mr. Ananthanpillai, was that a contractor didn’t have to do any checks on employees after they had secured an initial clearance, leaving a period of time–up to five or 10 years depending on the type of clearance one has–before another check was conducted. A worker with clearance could ‘do some serious damage’ during that time, he said. ‘It’s all about how to keep up with that.’ Contractors will be responsible for monitoring employees of any subcontractors they use if that subcontractor doesn’t have its own clearances.”

Read More

July 12, 2016

Healthcare organizations need to avoid the liability gap

HIT Leaders and News

“By bringing external public records together with internal data such as personal reviews and network activity, health care organizations can drastically reduce their exposure to insider threats and prevent incidents that drive clients to rival facilities. Periodic screens force managers to manually sift through outdated information, which fails to evolve. There have been too many examples of fraud, crimes and data breaches to believe the current screening process is working well. Healthcare organizations need a screening process that’s as dynamic as their personnel. The answer lies in continuous risk monitoring and a real-time risk status for every employee.”

Read More

June 28, 2016

People on the Move: Phil Usatine, Chief Technology Officer at IDentrix

Washington Business Journal

IDentrix, a leading provider of identity-based risk monitoring solutions, has named Usatine as chief technology officer. Usatine will spearhead development of the patented platform, which analyzes publicly-available data and alerts organizations about employee risk.

Read More

June 20, 2016

The Emergence of Infinity Screening

PI Magazine

We originated the term infinity screening in 2006 when the data base technology for being able to conduct on-going, continuous or reoccurring screening emerged. We saw the “hand writing on the wall” and that the dye had been cast for significant change to occur in the background screening industry. It has been a slow and arduous journey, but every year more and more firms are moving to conducting infinity screens.

Read More
Follow Endera on: