Insider threats are a problem for every industry, but financial services are by far the prime target for data theft. No other industry is tasked with handling and securing more sensitive data. For large financial institutions with large numbers of employees, it’s critical to have visibility into employee activities that raise red flags signalling potential abuse.
Insider abuse and data misuse account for more than a third of data breaches in financial services organisations. Protecting against insider threats requires solutions that can discern between legitimate use and malicious intent and be deployed quickly at a global scale.
John Mc Loughlin, CEO of J2 Software, said DTEX has helped a global financial institution increase visibility into its insider threat landscape, allowing the company to mitigate against previously unknown threats in a scalable way without interrupting business-critical processes.
“This global financial institution is one of the largest in the US. They quickly understood that it needed to rethink its insider threat strategy following a data breach in which a single privileged employee was able to access and steal sensitive information for more than two years without being detected,” Mc Loughlin said.
While the organisation had some visibility through a legacy DLP solution, the breach made one thing clear: they lacked critical visibility into the potential red flags that could transform any of their 60,000 global employees from insider risks to insider threats.
At the same time, the financial institution’s stringent technology standards made it critical to identify a solution that would not impact employee performance and productivity. They needed to scale user visibility across nearly 70,000 endpoints, integrate seamlessly within the existing tech architecture and be lightweight enough that it wouldn’t affect employee performance.
Mc Loughlin said the financial institution launched an exhaustive search for a solution that met all of the required parameters. “They knew that a big-box solution like their existing DLP solution would not suffice and quickly ruled out several UEBA solutions that were either too difficult to deploy or did not have the right user data.
“When the team tested DTEX, they found that not only could it scale across all required endpoints, including Macs, Windows and Linux machines and servers, but that it was cloud-ready and lightweight enough to do so easily without exceeding the company’s strict CPU usage thresholds. The decision was an easy one.”
Once the organisation deployed DTEX, the benefits were immediate. Enhanced user visibility allowed the insider threat team to quickly see and understand suspicious activity by privileged users and monitor activity related to highly-sensitive documents without impacting employee productivity or performance.
Insider abuse and data misuse account for over a third of data breaches in financial service organisations and must be accounted for by controls. Protecting against insider threats requires solutions that can discern between legitimate use and malicious intent and be deployed quickly at a tremendous scale.
“DTEX has become a critical element of the financial institution’s security programme, enabling them to identify malicious insiders, protect compromised employees and prevent data exfiltration,” said Mc Loughlin.Click below to share this article