ENTERPRISE SECURITY MAGAZINE: TOP 4 PROBLEMS, SOLVED BY THE NEXT GENERATION DLP
Article by Alexey Raevsky, Ph.D., MBA, CEO, and Co-Founder, Zecurion
In 2021 we are witnessing the evolutionary leap of data loss prevention. Companies deal with remote work for a while now. And as employees became distant from their colleagues and leaders, lost and gained motivation, or experienced professional challenges, theoretical threats became real.
Unorthodox threats
DLP is neither a secret service nor a novelty for the staff. They are well informed, that organizations are checking the channels and business devices. Normally, employees will be cautious, not to lose trust. But insiders and fraudsters will use their knowledge to create new ways to trick the system and take the data they need anyway. So, the company is monitoring, what employee sends or if he makes screenshots of sensitive data? But what if he uses his phone to take a picture of the screen? This DLP “hack” is old as the hills.
Zecurion Next Generation DLP has Screen Photo Protector for that. This unique AI-based feature uses 2 neural networks to detect smartphones via webcam and blocks the computer in a blink of an eye (from 0.06 seconds).
Darkhorse
Whatever employees do at work has an intent and a reason. Trying to protect sensitive data might influence productivity and motivation badly. The Next Generation DLP solutions include UBA, analyzing employees on the main parameters: risk, productivity, policies applied, and emotional state.
Perform a holistic risk score by setting, what’s severe and what is not. If an employee is distracting from work to review entertainment or news media and it boosts his productivity afterward – don’t put pressure on him, it’s not a major risk. If he’s operating with sensitive data, saving it for reviewing later “in a more comfortable atmosphere” that might be a red flag.
As coffee talks at the office canteen are not an option at the moment, companies need UBA for proactive monitoring of employee’s emotional state. Zecurion DLP calculates it by analysis of outgoing messages. Each can receive up to 3 emotional attributes: joy, trust, surprise, anticipation, sadness, disgust, fear, and anger.
Last but not least, to prevent any behavior-associated issues the system must know, what it’s like to be that user. After profile research of not less than a week, Zecurion UBA displays anomalies in employee’s behavior and suggests similar patterns.
No context
The fact of the event is not enough for the proper investigation. Relying only on policies and classification leads to the vision of a particular moment. With limited information, Security Officer might easily make inaccurate conclusions or see much less, than what was happening.
The Next Generation DLP maintains a comprehensive archive of files and events to provide the big picture of the organization’s security state. This includes an option to generate numerous reports: from connection diagrams to custom executive-level ones.
Long incident response cycle
According to ACFE 2020 Global Study on Occupational Fraud and Abuse, a typical fraud case lasts 14 months before detection and leads to a $1,509,000 average loss per case. It takes time to collect all evidence, understand the motive, methods, and mechanics.
To make the process easier, Zecurion Next Generation DLP has an Investigation Module, providing a 360°view of actual tasks with all the statuses, data, executants, and deadlines. During the investigation, the cybersecurity team and analysts can leave comments on the task and discuss progress with other participants, attach documents and incidents as proof