One of the main functions of the DLP system is struggle with internal treats. Insider activities are often underestimated; however, the vast majority of information leakage is caused by such activities.
To detect the internal threats, a wide range of instruments is implemented in SecureTower. Apart from the direct data capture in information channels, the system employs a graph analyzer, ensuring quick and pictorial demonstration of the employees’ communicants. Moreover, a constant web monitoring of visited websites and activities in social networks is carried out.
To find disloyal employees, the security service has a possibility to obtain profiles and full history of the staff communications. SecureTower enables detection of external net communicants, performing unacceptable activities, e.g. trying to entice valuable employees or obtain the insider information about the company.
According to annual report Verizon 2019 Data Breach Investigations Report, the reason for 55% of incidents was the so-called “abuse of privilege”, when the main source of leakage was the staff, authorized with access to corporate data, meant only for the intended purpose. The privileged insiders are often not controlled by the security department or use their employment status to go beyond the regulations, established in the organization. The DLP system is not susceptible to the human factor and successfully detects the high rank insiders, as the ordinary employees.