+375 (17) 311-10-14
+375 (17) 311-10-14
Try for free
Try for free
+375 (17) 311-10-14
    10.06.2021

    How does a security officer discover an insider using DLP-system?

    Are you sure that you can trust your employees? Don’t you worry about those who work with sensitive information? Can you be sure that among the employees there isn’t an insider who secretly sends important documents to unknown people? Today we are going to speak about who is a security officer and how they can help in discovering the insider.

    A security officer is an expert who watches over business’s interests. They protect important and valuable information of the company. Using different software, they counteract hackers’ attacks and phishing attacks, and discover information security incidents. Let’s see how does the security officer discover insiders within the company’s network with the help of DLP-system SecureTower.

    To clarify the meaning of the term “insider”, usually it is a person who causes damage to business by their actions or inactions on purpose or unintentionally.

    Each employee is a possible insider. Some of them “mean well”. For example, they print sensitive documents to work with them at home, but then lose them or leave unattended in public place. Some of the employees are too trustful by nature – they often become victims of hackers using social engineering methods. Of course, there are employees who steal data on purpose, send them to third parties or use with their own purposes. For example, they blackmail the company to gain finance benefit.

    How can the DLP-system help? SecureTower is equipped with a great number of tools to analyze the employees’ activity and discover data leaks. Here is how it works:

    Step 1. The security officer develops security policies that help to track events related to information security such as transmitting of important documents, employees’ working with them. When the security policy triggers, the security officer gets a notification. Now they can move from control of general activity to observing an incident in detail.

    Step 2. The security officer investigates the incident. At their disposal, they have tools that can help:

    • To analyze the employees’ activity in retrospect. These tools help to reveal all partners in crime. With the help of SecureTower, it is possible to understand the employee’s intentions, whether they work on their own, who are partners in crime, what are the roles of each of them etc. The system shows the whole picture of interactions: the employees’ correspondence with each other and with people from outside the corporate network, transmission of important documents, copying them to external storage devices or printing them.
    • To observe the current activity of the employees. It is possible to configure the webcam recording, monitoring or keylogger to track the activity of the employees that require special attention. Also, the system can make screenshots of the employees’ desktop. It helps to observe the employees’ activity in detail and analyze their intentions and incident scale.

    Step 3. The security officer creates a case within SecureTower. Here they can store all materials related to the case. They can also make notes with their thoughts about the incident.

    Step 4. All collected materials can be exported from the system in digital format or printed to be presented to the chief.

    As a result, the chief has all necessary information to make a decision about following actions: what segments of security should be enhanced and what to do with the insider. Depending on the incident consequences, the following measures can be taken: from information security instruction to disciplinary sanction or dismissal. Materials collected by the system can be used in court as the evidence base.

    Important publications

    Falcongaze SecureTower 6.5 - better control, stronger protection
    Falcongaze SecureTower 6.5 - better control, stronger protection
    Falcongaze, a developer of data breach protection and personnel control software, has released the first of two planned updates to its SecureTower system this year.
    Falcongaze SecureTower version 6.4
    Falcongaze SecureTower version 6.4
    Falcongaze has released a new version of its DLP-system SecureTower which is aimed to protect companies from data leaks and insider activity.
    What is UBA?
    What is UBA?
    Information security incidents carry great financial and reputational risk for companies. Foreseeing the future is not easy, it’s quite more efficient to build a forecast based on analytics. Falcongaze experts explain how UBA technology works and how it will help to solve this problem.
    What is DLP systems?
    What is DLP systems?
    Data Leak Prevention is a specialized software, which protects organization against data loss. This technology grants both blocking of confidential information transfer through various data channels and monitoring employee activity. Therefore it allows to find vulnerabilities beforehand
    Security review: top 5 best & popular email services for 2019
    Security review: top 5 best & popular email services for 2019
    Falcongaze Analytical Center has already made some researches concerning cybersecurity predictions for 2019 and now is ready to present a top for emails. Not just about their technical details but life cycle including scandals and protective qualities.
    DLP implementation: mispractice vs. wise adjustment
    DLP implementation: mispractice vs. wise adjustment
    DLP systems out of the whole number of information security tools get most highlight. They are expected to become a solution to all threats. However, mispractice lower the image of such systems so some may think that DLP is useless.
    Fighting Corruption in the Company
    Fighting Corruption in the Company
    Corruption is a malicious activity affecting many companies. As a rule, it is about abuse of trust. The cause is that the employees have access to assets along with the ability to make a crime without punishment.
    GDPR: New European regulation in the field of personal data protection
    GDPR: New European regulation in the field of personal data protection
    In accordance with the European Commission's data protection regulation (GDPR), which will come into force on May 25, 2018, any organization – regardless of its own location – which contains personal data of the European Union citizens will be responsible for its safety.
    Falcongaze developers created a technology for WhatsApp interception
    Falcongaze developers created a technology for WhatsApp interception
    Falcongaze Company, which has already rolled out the technology for interception of communication and file sharing via Telegram Messenger earlier this year, now announces the replenishment of the messengers under control line. The new version of comprehensive information security platform SecureTower will be complemented by a technology allowing to intercept communication in the WhatsApp messenger, which hit second place in the ranking of Falcongaze Analytics Center
    Falcongaze developed functional to control Telegram
    Falcongaze developed functional to control Telegram
    Falcongaze, vendor of information security, workflow monitoring and optimization products, announces Telegram Messenger under control in the latest version of SecureTower. SecureTower is a comprehensive information security and risk management platform.
    Convenience & security: rating of the most secure popular messengers
    Convenience & security: rating of the most secure popular messengers
    Today messengers rightfully occupy a worthy place among the most used office software and tools for business communication. Every company determines what software should be used by staff to keep in touch with colleagues, partners and customers, and sometimes allows employees to make these choices on their own. In addition to user-friendliness, today, when video cameras, wireless mice, fitness trackers, smart cars and even toilets can be easily hacked, the security of communication tools comes to the fore.
    Show more

    The SecureTower DLP system

    • Protection against data leaks caused by employees
    • Control of employees' work on computers
    • Identification of potentially dangerous employees (risk analysis)