Protecting Confidential Data

Client Profile
One of the largest communications companies in the world with locations in five countries.

Challenges
One of the foremost challenges was the scope and complexity of the project itself. Due to the dynamic nature of the industry, the size of the company and the vast range of employee work, the sheer quantity of confidential data flowing into and out of the company network required comprehensive security. Having experienced issues with sensitive data being leaked from the company in the past, the client was all too aware of the importance of optimal data security. The company required a sophisticated data and network monitoring system robust enough to successfully observe everyday employee operations, while maintaining the flexibility necessary to safeguard against breaches.

The client’s diverse needs required functionality and operational integration between multiple products. The constant availability of the email component necessitated the integration of a second server to provide backup in the event of a failure. In addition to email, mobile devices, instant messaging, thumb drives on endpoints and sensitive files present on the client’s servers posed a significant threat. Finally, an on-site expert or highly trained corporate employee would need to manage the system and provide hands-on, real-time oversight. To top it off, CBI was working on a very tight timeline.

Solution
At the conclusion of a thorough system and network assessment, CBI recommended a program that combines two Symantec products: Data Loss Prevention and Data Insight. Data Loss Prevention stops any important information from leaving the company, intercepting outgoing traffic and generating activity reports. The product has real-time stopping power and functionality, and can be customized to block certain activities based upon company policies. Data Insight provides a comprehensive range of tracking and data management functions, enabling the user to review several components, including who creates and opens each file on the server, when and how often those files are opened, who has made any changes to existing files, what those changes are and when they were made.

Due to the technical and logistical demands, a phased rollout guaranteed the most efficient program implementation. Phase 1 included configuration of hardware and software to work within the new system. Phase 2 tested the new system in a “read-only” format to audit and evaluate functionality, as well as identify trends. CBI concluded the project by automating prevention and protection processes in some cases, while maintaining a manual approach in others.

Results
The implementation process was efficient, with individual system components online within three months and the entire project operational within six. In addition to the ongoing security and monitoring functionality, there was an immediate benefit derived from the scanning and auditing process. CBI was subsequently able to identify 10,000 sensitive files in just five weeks, blocking access by unauthorized users. The incidents included vulnerabilities, exposures and unauthorized operations, some of which included failure to lock down or encrypt private customer data.

The system also generates traffic from instant messaging within the client network and reviews the information employees are entering on various websites. This additional oversight makes it possible for the company’s management to establish tighter control of their network and to respond accordingly when necessary. The client is now able to confidently and consistently protect not only the company’s proprietary information, but also the sensitive data of clients and employees. The project’s foremost goal—corporate approval on all information coming from the organization—was accomplished efficiently and affordably.

The client’s CIO was quoted as saying (paraphrased): “This is one of the first products from which I’ve seen instant results—CBI’s work is great; this is a game-changer for us.”