Watchfire Announces New Intranet Solution

WALTHAM, MA, August 8, 2005 Watchfire, a provider of enterprise software and services to manage online risk, today announced the availability of a new enterprise solution designed to monitor and report on issues impacting employee productivity, risk, compliance and cost containment on today’s complex corporate intranets.

Intranet Standards is a new module of Watchfire® WebXMâ„?, a solution that automates the scanning, analysis and reporting of online security, privacy, quality and compliance issues across corporate web properties.

Watchfire’s Intranet Standards module identifies sensitive and insecure content – health, medical, HR, financial, regulatory – that may expose an organization to risk if not properly managed. Regulations including Health Insurance Portability and Accountability Act (HIPAA) and other international employee data laws are among the regulations and reporting standards that may have implications on corporate intranets and may expose organizations to considerable risk if rigorous monitoring and management processes are not implemented.

Watchfire recently conducted a survey
(http://www.watchfire.com/resources/surveyresults.aspx) on issues directly impacting corporate intranets. Intranets house some of an organization’s most sensitive corporate data, and the results indicate a lack of intranet standards and security controls:

· 78% of respondents indicate their intranets house confidential human resources information, including employee contracts and expense claims. 30% of respondents say their intranets house customer data, and 41% of respondents say healthcare information is also kept on their intranets.

· 70% of respondents believe that temporary/contract and external contractors have access to their corporate intranets.

· Only 9% of respondents describe their intranet as “secure.”
· 17% of intranet sites have areas not password protected, and results indicate there is little or no controlled process of who is authorized to add or remove content. Content contributors range from human resources to sales and marketing.

“Increased risk from security and privacy non-compliance, not to mention outdated content, is motivating many companies to pay attention to their intranets, which in the past have been severely neglected,” said Charles Kolodgy, Research Director, Security Products, IDC. “The rise in regulations also requires organizations with corporate intranets to audit for security and regulatory compliance. Enterprises must look at their intranets as a strategic asset that needs to be managed like all other assets. They can add significant value to the company but they must also be cost- effective, secure and relevant.”

The Intranet Standards module includes 17 reports on adherence to intranet standards. All reports can be customized to your own specifications and legal interpretations.

Sensitive Employee Data Reports: Designed to help ensure that sensitive health data information is secure and in compliance with HIPAA and that sensitive employee information is protected. Organizations can use this information to help ensure that sensitive content is properly secured with access controls and that they are not collecting information they shouldn’t be. These reports find pages using:

· Drug and Disease names (HIPAA)
· Medical Terms (HIPAA)
· Personal Leave Data (HIPAA)
· Social Security Numbers
· Credit Card Information
· Payroll Data
· Retirement & 401K Data

Sensitive Company Data Reports: Helps to ensure that company data does not reside in unprotected areas, exposing an organization to risk. Sarbanes-Oxley, Section 404, requires that this kind of financial data is secured so it does not fall into the wrong hands. These reports find pages using:

· Financial Data
· Account Information
· Customer Data
Risky Content Reports: Designed to protect against risky content that may reside on the intranet.

· Third-Party Link Checks – finds all links to third parties
· Risky Word Use – finds political, racist and other inappropriate words
· Outdated Content – finds old content, such as product and pricing information

Navigation Reports: Helps to ensure the consistent use of navigation and search functionality on the intranet to improve employee productivity.

· Missing Search Box
· Proper Menu Use
· Help and/or Comment Link Use
A key value of corporate intranets is their ability to drive employee self-service. Unfortunately, the tendency for these web properties to become little more than a dumping ground of information undermines their true merit by minimizing employee productivity, knowledge sharing and search effectiveness. The new Intranet Standards module is a critical component of Watchfire’s comprehensive intranet solution offering that also includes:

· Quality Module: Scans online properties for issues such as broken links, slow loading pages, poor searchability, browser capability, usability errors, old content and non-compliance with internal quality standards. This improves site usability and enhances employee productivity by making information accurate and easier to find.

· Inventory Module: Conducts an automated inventory of an entire web presence – the sites, the web servers, the technologies in use and the organizational policies and standards in place — which enables organizations to significantly reduce costs through content and server consolidation.

· Accessibility Module: Helps ensure that a site is accessible to disabled and elderly employees and monitors for over 170 comprehensive accessibility checks such as appropriate text and background color contrast or the presence of text equivalent “alt” tags on images.

“Corporate intranets have grown to be millions of pages distributed globally, often with thousands of employees and contractors accessing the information. Due to their size, scope and the sensitive data they house, intranets often face more quality, risk and compliance challenges of external sites, and organizations are struggling to make them the efficient resource they were originally intended to be,” said Peter McKay, president and CEO, Watchfire. “Given the corporate, customer and employee data they contain, they present unique challenges, and organizations need to implement a more rigorous risk and compliance monitoring process.”

For more information on the WebXM Intranet Standards module, please visit:
http://www.watchfire.com/products/webxm/intranetstandards.aspx

About Watchfire
Watchfire provides software and services to manage online risk. More than 250 enterprise organizations and government agencies, including AXA Financial, SunTrust, Boots PLC, Veterans Affairs and Dell rely on Watchfire to monitor, manage, improve and secure all aspects of the online business including security, privacy, quality, accessibility, corporate standards and regulatory compliance. Watchfire’s alliance and technology partners include IBM Global Services, PricewaterhouseCoopers, TRUSTe, Microsoft, Interwoven, EMC Documentum and Mercury Interactive. Watchfire is headquartered in Waltham, MA. For more information, please visit www.watchfire.com.