Customer Data is at Risk
Nearly every Fortune 1000 company stores thousands, if not millions, of confidential customer data records. A loss, accidental or deliberate, could be devastating to the company’s stock price, brand reputation, and bottom line. Many large retailers, for example, use outsourced call centers who have constant access to customer databases. Any one of the call center representatives could decide to make some extra money from selling a batch of credit card and social security numbers to a criminal third party.
Raytheon Oakley Monitors the Enterprise to Reduce Exposure of Customer Data
For a large retailer, Raytheon Oakley can be deployed across the enterprise with general policies that can measure for leading indicators of vulnerability, such as a large volume of unmonitored USB drive copies, off-hours printing of customer records, or customer data being sent unencrypted. Any one of these individual incidents can be replayed, if desired, so that the appropriate remediation can be taken. With the context Raytheon Oakley provides, the retailer can decide to deploy a training program to reduce off-hours printing and user prompting to reduce USB storage policy violations.
More stringent policies can be deployed to the call center employees. Policies can record whenever customer data is being “cut and pasted” between applications using the clipboard, alert whenever instant messages are sent while the user has the customer database open, or enable additional monitoring if a user deliberately disables his network connection to hide his actions. .
Raytheon Oakley Exposes Even the Most Sophisticated Customer Theft
One of the retailers’ greatest fears is an employee extracting customer records and selling the data. During the monitoring process, it became evident that a particular user was cutting and pasting data from the customer database strictly against corporate policy. Further investigation revealed that the user was dropping the customer data into a Word document, saving the file under an ambiguous name, encrypting the file and saving it to a USB drive. It also revealed he notified his accomplice by instant message when the entire transaction was complete.
These obfuscation steps would easily bypass gateway data protection solutions since any one of the individual actions appears relatively harmless and the encrypted customer data would have never been detected by the gateway.
The administrator was able to deploy one of Raytheon Oakley’s hundreds of pre-built policies to monitor anytime customer data was copied from the database application; the policy was also customized to trigger if any data was copied to a USB drive. All user activity was then collected 30 minutes before and after the data was copied to the USB drive. Using Raytheon Oakley’s SureView Replay, the administrator was able to view video-like replay of the entire incident, from the original data copy all the way through to the instant message.
With proper context and evidence, the company was able to capture the perpetrator, and also deploy stronger policies at the enterprise level to alert when any employee was copying and pasting customer data from an application.
|
