Clients of TriGeo Network Security Inc. are given a small box,about 650 rules to live by and membership in a community thatcontributes to the enhanced internal and cyber protection of all,its chief spokesman says.

Those rules are the correlations of specific kinds of networkactivity-from simply playing solitaire to an attempted visitthrough a firewall from a computer based in a suspect country-intoalerts (and later, compliance reports) for the people who need toknow but have a lot of other things on their plates.

“Our target market is the small to medium-size businesses thatdo not have the luxury of large security operation centers staffedwith professional security analysts. They feel a bit isolated andthat they are on their own,” said Michelle Dickman, president/CEOof the Idaho-based provider of network security to clients thatinclude hospitals, insurance companies, electrical utilities,grocery retailers and about 200 credit unions.

“When a customer buys the TriGeo SIM technology, they actuallyjoin a community,” Dickman said, a community served by what thecompany calls its NATO-5 concept.

“The name is drawn from the fifth article of the NATO alliance,which states that 'an attack on one is an attack on all,'” Dickmansaid. Using client input and the work of her own staff of cybersecurity and network specialists, correlations (or rules) arecreated and distributed to the client community for deploymentthrough her company's TriGeo SIM device.

The device continuously monitors activity and provides real-timelog analysis that can actively respond by blocking IP addressesfrom entering the network while alerting key personnel throughe-mail, cell phones, pagers or PDAs, the company said.

Shipping with more than 650 prepackaged rules already installedis a differentiator, she added, noting as an example one competitorshe said ships with 13 correlations “that they want you to cloneand use to write your own. Our competitors want you to write yourown or pay their professional services to do that. We went theother way. We provide them free of charge as part of our supportservice.”

And although she sells devices, the approach goes well beyondhardware, Dickman said. “Network security is a process not just aproduct,” she added.

That philosophy is shared by Alan McHugh, manager of informationtechnology at $207 million U.S. Postal Service Federal Credit Unionin Clinton, Md.

“Security is not just a department of IT. It has to be acompany-wide policy, and if you have a breakdown in any of those,you might as well not have anything,” he said.

McHugh said the TriGeo system has been useful in handling boththe apparently mundane and potentially sinister. Someone playingsolitaire on the network, for instance, gets the game shut down anda pop-up window from IT telling then to quit playing games at work.IP addresses from places where his members normally wouldn'tbe-such as Latin America, Africa or the Far East-also draw instantscrutiny.

McHugh said he also likes the USB defense feature, which allowshim to ensure that only the appropriate user-for instance, theCEO-has the PIN and access to use that specific external device onthe system.

“Credit unions have to look really hard at the way people canaccess information, can access your system, and you have to thinkabout inside problems as much as outside these days,” McHugh said,noting that many of the large corporate security breaches of latehave been inside jobs.

He said he regularly participates in sharing the adjustmentshe's made to rules in his system with other credit unions. He'salso a member of a CUNA list serve that shares IT securityinformation as well.

“Me sharing information with them is not going to hurt mybusiness, and we can all share our resources. It's a beautifulthing, because I don't have to reinvent something or delve too farfor an answer that somebody already has,” McHugh said.

Dickman said she sees that attitude a lot.

“While operationally they're not that different from communitybanks, credit unions will share information with each other in asnap in ways that banks won't. Things there are extremelycompetitive,” she said.

The TriGeo CEO can rattle off example after example of ways thather clients have thwarted potential problems-such as a nightsecurity worker trying to log onto the network-and helped eachother, including a Southern California credit union that developeda key cross-scripting rule. She also cited cooperation in headingoff dangerous cyber threats.

Scott Schoolcraft said he's seen the results in his short timeas a TriGeo user.

“With credit unions, that's just the way it is. We're happy tohelp each other out because we're not here to make a profit, but tohelp members, and that lends itself to helping out each other,”said the vice president of systems at $151 million Star USA FCU inCharleston, W.Va.

He credits his TriGeo device with quickly picking up thepernicious conficker worm in a computer on his network, at a tellerstation that was trying to send out spam. That was made possible,TriGeo's Dickman said, by quick distribution of a newconficker-fighting rule to the TriGeo customer network.

Schoolcraft said his new system also has made it possible forhis two-person shop to now keep up with event logs at each locationand end outsourcing of 24-hour monitoring of firewall activity.

“There was a little learning curve in the beginning, and it kindof helped that me and the girl who works for me had a littleprogramming background-just to understand the flow of how it allworks, but the training they give you is really all you need,” hesaid.

“Once we had that, we were up and running.”

–[email protected]