This 1871 startup uses machine learning to help companies manage data risk

by Andreas Rekdal
November 14, 2016

From industrial manufacturing to healthcare and finance, practically every industry is embracing data as central to thriving in the marketplace. But as good use of data becomes indispensable for boosting a company’s bottom line, protecting critical systems from unauthorized access becomes more important too.

1871-based cybersecurity firm Anomalix uses analytics and machine learning to help companies strike the balance between access and security. It does so by matching repositories of employees and vendors to the user credentials and activity across all of the organization’s applications.

“You’ve got to figure out who’s who, and who has access to what,” said founder and CEO Mohammed Elkhatib. “Then you have to establish risk context for the access and for users. Now you can make data-driven decisions based on who should and shouldn’t have access, based on risk.”

Once a company maps out its current access structure, that structure can be compared to what the security audit suggests it should look like. Based on that comparison, the company can start removing users from systems they shouldn’t have had access to in the first place.

Another problem these types of audits often unveil, said Elkhatib, is that people who no longer work for the organization still have access to sensitive data and applications.

Once a correct baseline of permissions has been established, a lot of future access controls can be automated. For instance, if a user gains or loses responsibilities, or violates some company policy, their access to certain systems can be automatically revoked. Likewise, if a new entry-level accountant is starting work on Monday, a new user can be created automatically with access to the same systems that employee’s peers have.
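The access review described above can be illustrated in Python. This is an added example, not Anomalix's code; the employee roster, account list, entitlement names and the 50 percent peer threshold are all constructed assumptions.

```python
from collections import Counter

# Constructed sample data (hypothetical names, not from the article).
HR = {  # identity repository: person id -> (role, employment status)
    "e100": ("accountant", "active"),
    "e101": ("accountant", "active"),
    "e102": ("accountant", "active"),
    "e103": ("engineer", "terminated"),
}
ACCOUNTS = [  # (application, login, owner id or None, entitlement)
    ("ledger", "asmith", "e100", "ledger:read"),
    ("ledger", "bjones", "e101", "ledger:read"),
    ("ledger", "cwu", "e102", "ledger:read"),
    ("payroll", "cwu", "e102", "payroll:admin"),
    ("git", "dlee", "e103", "git:write"),
    ("ledger", "svc_old", None, "ledger:read"),
]

def peer_baseline(hr, accounts, threshold=0.5):
    """Per role, the entitlements held by more than `threshold` of its active members."""
    active = {pid: role for pid, (role, status) in hr.items() if status == "active"}
    members = Counter(active.values())
    # Count each (person, entitlement) pair once, even if held through several logins.
    pairs = {(owner, ent) for _, _, owner, ent in accounts if owner in active}
    held = Counter((active[owner], ent) for owner, ent in pairs)
    base = {role: set() for role in members}
    for (role, ent), n in held.items():
        if n / members[role] > threshold:
            base[role].add(ent)
    return base

def review(hr, accounts, threshold=0.5):
    """Return (application, login, entitlement, finding) for access that needs attention."""
    base = peer_baseline(hr, accounts, threshold)
    findings = []
    for app, login, owner, ent in accounts:
        if owner not in hr:
            findings.append((app, login, ent, "orphaned: no matching identity"))
        elif hr[owner][1] != "active":
            findings.append((app, login, ent, "owner no longer employed"))
        elif ent not in base[hr[owner][0]]:
            findings.append((app, login, ent, "outside peer baseline"))
    return findings

def provision(role, hr, accounts, threshold=0.5):
    """Entitlements a new hire in `role` would receive: what that role's peers hold."""
    return sorted(peer_baseline(hr, accounts, threshold).get(role, set()))
```

On the sample data, `review(HR, ACCOUNTS)` flags the accountant's payroll admin right, the former engineer's repository access and the unowned service login, while `provision("accountant", HR, ACCOUNTS)` returns only the ledger access that the role's peers share.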

But while ensuring that the right employees have access to the right systems is important, that is only one part of the security equation. Anomalix also uses machine learning to unveil suspicious patterns in how and when users are accessing sensitive systems.

“Say we have a user who’s brand new to the organization, and they’ve been granted access to a compliance- or business-relevant system, and within minutes they’re starting to download terabytes of data,” said Elkhatib. “That’s a problem. Someone should look into that.”

Although he got his start in tech as a software engineer, Elkhatib has spent the past sixteen years in cybersecurity. His resume in the security industry includes stints at Cisco, IBM and Netegrity. Since founding Anomalix in Skokie in 2013, he has grown the company to 25 employees entirely without fundraising.

The company recently relocated to 1871, and Elkhatib said he is excited to continue growing his company in Chicago.

“There’s a lot of smart talent here,” he said. “We had the opportunity to launch Anomalix anywhere, and we looked at moving to Silicon Valley and contemplated going to Florida. But we made the decision that Chicago is home.”

Image via Anomalix.
