In Rus­sia, the boss is al­ways lis­ten­ing—even to your mo­bile phone calls

▶ Rus­sian tech­nol­ogy lets em­ploy­ers lis­ten to cell calls ▶ “A hot ticket for any com­pany seek­ing to pro­tect” se­crets

Bloomberg Businessweek (North America) - - Contents - -Ilya Khren­nikov Edited by Jeff Muskus and Dim­i­tra Kessenides

Ever sought a bit of pri­vacy by step­ping away from your desk to make a per­sonal call on your cell phone? Soon, that may not be enough to pre­vent the boss from lis­ten­ing in, at least not in Rus­sia. A Moscow se­cu­rity com­pany has de­vel­oped tech­nol­ogy that lets em­ploy­ers eaves­drop on cell calls made on their premises. In­fowatch says the prod­uct is le­gal in Rus­sia, and it’s scout­ing for other mar­kets where banks, gov­ern­ment agen­cies, or any­one else try­ing

to pre­vent leaks of con­fi­den­tial in­for­ma­tion would be al­lowed to em­ploy it. “These tech­nolo­gies have been used by se­cret ser­vices or the mil­i­tary in cer­tain coun­tries,” says Natalya Kasper­sky, chief ex­ec­u­tive of­fi­cer of In­fowatch. “Our break­through is in ap­ply­ing them for cor­po­rate se­cu­rity.”

In some places, In­fowatch and its clients risk law­suits from work­ers who’d balk at the idea of the boss mon­i­tor­ing their calls, says Petr Gorodet­skiy, an an­a­lyst at re­searcher Gart­ner. “This tech­nol­ogy may be­come a hot ticket for any com­pany seek­ing to pro­tect its com­mer­cial se­crets,” he says. “But it can’t be rolled out in mar­kets where it may trig­ger court claims.”

In­fowatch says the tech­nol­ogy doesn’t com­pro­mise pri­vacy be­cause ini­tial screen­ing is done by com­put­ers that an­a­lyze and scan calls for key­words. Se­cu­rity per­son­nel only get in­volved if there’s cause for con­cern, the com­pany says. In­fowatch al­ready sells soft­ware for mon­i­tor­ing other com­mu­ni­ca­tion chan­nels—land­line phones, e-mail, mes­sag­ing apps— to cus­tomers such as Rus­sian wire­less car­rier Vim­pel­com, Aus­tria’s Raif­feisen Bank In­ter­na­tional, and oil gi­ant Gazprom. The com­pany’s rev­enue reached 1.1 bil­lion rubles ($17 mil­lion) last year, mostly from its Traf­fic Mon­i­tor ser­vice, a ba­sic ver­sion of which costs $3,000 to in­stall on as many as 100 com­put­ers.

That prod­uct lets com­pa­nies vet in­for­ma­tion trans­mit­ted via cor­po­rate e-mail, file-shar­ing ap­pli­ca­tions, in­stant mes­sages, and Skype, and it can track what gets stored on USB sticks or other re­mov­able me­dia. The com­pany says it can even in­ter­cept en­crypted mes­sages from ser­vices such as What­sapp and Tele­gram, but it de­clines to give de­tails. “Our only loop­hole has been voice traf­fic on mo­bile phones—we didn’t mon­i­tor that,” says Kasper­sky, who co-founded Rus­sian an­tivirus com­pany Kasper­sky Lab in 1997 but left it in 2007 af­ter split­ting up with hus­band Eu­gene Kasper­sky. As part of the split, she got con­trol of In­fowatch, orig­i­nally a unit of Kasper­sky Lab.

The mo­bile mon­i­tor­ing tech­nol­ogy works in con­junc­tion with a de­vice that am­pli­fies wire­less calls in­side

build­ings and hands them off to the broader net­work out­side. Us­ing soft­ware orig­i­nally de­vel­oped for the Soviet-era KGB, the de­vice can con­vert calls in 35 lan­guages into text and search for words such as, say, “bro­ker­age ac­count” or “share of­fer­ing”— though there’s no rea­son it couldn’t also search for “foot­ball,” “sex,” or any­thing else. If a sus­pi­cious phrase is found, the text frag­ment gets sent to the client’s se­cu­rity depart­ment.

Ste­fano Zanero, a pro­fes­sor at the Poly­tech­nic Univer­sity of Mi­lan who spe­cial­izes in cy­ber­se­cu­rity, cau­tions that be­sides be­ing il­le­gal in many coun­tries, the heart of the ser­vice may not be re­li­able. “The part that puz­zles me is how suc­cess­ful speech recog­ni­tion, tran­scrip­tion, and au­to­mated anal­y­sis of texts can be,” Zanero says. “I don’t think this can be very ac­cu­rate.”

In­fowatch says it has pre­orders from com­pa­nies in In­done­sia, and that oth­ers in Rus­sia, other for­mer Soviet coun­tries, and the Mid­dle East have ex­pressed in­ter­est. Two of its cus­tomers are test­ing the pro­to­type, and the fi­nal prod­uct is slated for re­lease by yearend. The com­pany hasn’t yet set a price. In the small but grow­ing mar­ket for data-leak preven­tion—set to ex­ceed $1 bil­lion by 2020, ac­cord­ing to Gart­ner—in­fowatch faces for­mi­da­ble ri­vals such as Sy­man­tec and Raytheon, which of­fer mon­i­tor­ing sys­tems for cor­po­rate data net­works.

Kasper­sky ac­knowl­edges that Western Europe may be a chal­lenge be­cause of le­gal ob­sta­cles and pri­vacy con­cerns. But in Rus­sia and many other coun­tries, work­ers of­ten sign agree­ments al­low­ing em­ploy­ers to mon­i­tor their ac­tiv­i­ties at work, she says. In May, Rus­sia’s cen­tral bank started rec­om­mend­ing that banks mon­i­tor em­ploy­ees’ per­sonal mo­bile phone calls at work along with e-mails, in­stant mes­sages, and re­mov­able me­dia. “Ig­nor­ing this chan­nel of po­ten­tial data leaks— af­ter we’ve got all other chan­nels un­der con­trol—would be un­pro­fes­sional,” Kasper­sky says. “And we are pro­fes­sion­als.”

The bot­tom line A spinoff of Rus­sian se­cu­rity com­pany Kasper­sky Lab has de­vel­oped tech­nol­ogy that lets em­ploy­ers lis­ten in on mo­bile phone calls.

Newspapers in English

Newspapers from Canada

© PressReader. All rights reserved.