UNC-Chapel Hill Chooses Covelight Systems to Protect Confidential Student Information

July 18, 2005
Covelight Percept privacy protection and fraud management system to protect from identity theft

CARY, NC - Covelight Systems, an innovator of solutions for privacy protection and fraud management, today announced that the University of North Carolina at Chapel Hill (UNC Chapel Hill) has selected its Percept Privacy Protection and Fraud Management System to protect web-accessed student information. UNC Chapel Hill is the nation's first state university with 26,800 undergraduate, graduate and professional students enrolled.

Covelight Percept is being used to secure UNC Chapel Hill's Student Central online application. Student Central is a portal on the UNC, Chapel Hill Web site that allows students to register for classes, check grades and billing information, update addresses, review personal academic information and perform general student administrative tasks online. Along with the convenience of web-enabled access, comes a security risk that Covelight is helping the university address.

"Covelight's Percept provides a security 'looking glass' into Web application traffic," said Douglas Brown, CISSP, Manager of Security Resources, UNC, Chapel Hill. "It gathers vital information that allows enterprises to accurately identify and mitigate security challenges facing Web applications, and helps enterprises quickly respond to security incidents."

"Universities are prime targets for identity theft," said Bruce Pharr, director of corporate marketing at Covelight. "There were 15 reported security breaches at major universities between March and May which put the personal data of over 600,000 students in jeopardy. While IT infrastructure security such as firewalls, network protection, and identity and access management may protect student information from unauthorized access, these measures are not adequate safeguards against criminals who purchase or steal IDs and passwords or who setup fraudulent accounts to gain authorized access to the information."

Covelight Percept protects confidential identity data from theft through authorized web-enabled access by comparing the key characteristics of login and subsequent activity with individual and collective norms to detect abnormal and suspicious activity as it occurs and immediately initiate an appropriate security alert.

"The Covelight team is a group of inspired innovators adding clear value in the security space," said Brown. "Covelight Percept is easy to install, and it doesn't require expensive and time consuming retrofits to our existing infrastructure. And, because it passively monitors traffic, it doesn't jeopardize application availability or degrade performance."

Covelight Percept provides privacy protection and fraud management for web-enabled applications by detecting fraudulent access through authorized channels and suspicious activity as it occurs, initiating immediate security alerts, and capturing a forensic audit trail.