Data Leaks - SearchInform

advertisement
Data Loss
Prevention in the
Banking Industry
www.searchinform.ru
Data Loss Prevention in the Banking Industry
Leaks of sensitive data may not only weaken a bank’s competitive
position, but also lead to negative attitude on the part of clients
and competent state authorities. Loss of sensitive data on
customers (both private and corporate) and/or their financial deals
is surely the most dangerous type of data leaks.
www.searchinform.ru
Data Leaks
Banking security officers lay a special emphasis on
the following types of information security threats
(data leaks):
www.searchinform.ru
Data Leaks
 A “dramatic” brain drain to rival companies. Employees
planning to resign may take confidential data with them.
 Loss of corporate customer information. Banks usually offer
special terms to major corporate clients.
www.searchinform.ru
Data Leaks
 Leakage of information on bank transactions, i.e. related parties,
accounts and amounts transacted. If such data leaks are made public, a
bank will most surely lose a lot of its clients and become a weaker
competitor on the market. That is why controlling bank staff is a critical
issue.
www.searchinform.ru
Data Leaks
 Internal messages, i.e. discussing team problems, mistakes, etc. may
be of great use to rivals and other untrustworthy parties. ICQ and other
instant messengers are usually used in a bank for such work-related
conversations. Sensitive data may be exposed to employees who are
not authorized to work with such information.
www.searchinform.ru
Data Leaks
 Leaks to the media.
www.searchinform.ru
Data Leaks
 Marketing programs and innovations being developed may also
leak outside the bank.
 Exposure of investment plans to untrustworthy parties may ruin
important commercial projects.
www.searchinform.ru
Data Leaks
 Banking security information exposed to third parties gives
broad options to criminals.
www.searchinform.ru
Data Leaks
 Leakage of information on cash shifts (including cash loans)
may lead to common robbery of clients or bill collectors.
www.searchinform.ru
SearchInform Solution
SearchInform software solution is an ideal option for corporate clients
enabling interception, analysis and control of internal data flows. Its major
advantage over companies offering similar solutions is a proprietary
similar-content search feature. You can use text fragments or entire
documents as queries. The search will return either identical documents or
documents similar in content or meaning.
www.searchinform.ru
Information Security Perimeter
SearchInform Information Security Perimeter allows tracking data leaks through
е-mail, ICQ, Skype, removable media (USB/CD), and printed documents. It can
also find sensitive data-at-rest where they do not belong.
www.searchinform.ru
Information Security Perimeter
SearchInform Information Security Perimeter incorporates several
pieces of software providing unbiased and duly documented
information on bank data flows within a limited time period.
www.searchinform.ru
Workstations Indexing
SearchInform Server allows indexing data stored on every
LAN PC. Administrator can choose any computer or disk for indexing.
www.searchinform.ru
Monitoring E-mail Traffic
MailSniffer intercepts email traffic on a protocol level, indexes intercepted
messages and provides search in them. The following protocols are supported:
SMTP, POP3, IMAP, MAPI, and HTML. It allows tracking data leaks and backing
up all corporate e-mail. Even if a message was advertently or inadvertently
deleted, its content remains available for full-text search.
www.searchinform.ru
Monitoring E-mail Traffic
MailSniffer intercepts HTTP traffic. It monitors messages sent through the
following web-services: google.com, yahoo.com, etc. All intercepted data are
stored in a database and available for search and analysis.
www.searchinform.ru
Monitoring HTTP Traffic
HTTPSniffer intercepts HTTP traffic, i.e. messages of web-blogs and social
networks.
www.searchinform.ru
Monitoring Instant Messaging Traffic
IMSniffer intercepts messages of popular IM clients and saves them to a
database you can search in afterwards using specific search modes (morphology,
similar-content search, etc.). Limiting your search criteria is also possible (e.g.
querying messages of two particular employees during a specific time interval).
www.searchinform.ru
Intercepting Skype Traffic
SkypeSniffer is used to control Skype traffic, i.e. voice and text messages, as
well as attached files. All intercepted data are saved to a database and are
available for full-text search (with morphology and synonym analysis, similarcontent search, etc.). Limiting your search criteria is also possible (e.g. querying
messages of two particular employees during a specific time interval).
www.searchinform.ru
Monitoring Removable Media Data
DeviceSniffer is a software solution designed to intercept data recorded to
USB, CD or DVD. All intercepted data are available for full-text search and
unique similar-content search. This technology prevents data leaks through
removable media.
www.searchinform.ru
Monitoring Printed-out Documents
PrintSniffer monitors local and network printers and discovers sensitive
information in printed documents. It monitors printed-out documents, indexes
them and sends them to a database. Intercepting printed documents data
allows not only to discover possible data leaks, but also find out if the printers
are used as intended.
www.searchinform.ru
Access Rights Differentiation System
Each component of company’s information security perimeter is in compliance with
a single access rights differentiation system. It allows flexible configuration, and
you can tune the rights to access intercepted documents any way you want it.
www.searchinform.ru
DataCenter
DataCenter controls all the indexes created by Information Security Perimeter
components. DataCenter enables you to
• split indexes so as to speed up access to data;
• schedule index splits on various parameters like size, document count, and time;
• monitor operation of every Information Security Perimeter component and alert
you on every found malfunction by email.
www.searchinform.ru
AlertCenter
AlertCenter is a software solution uniting all Information Security Perimeter
components into a single unit. It queries all data intercepted by Information
Security Perimeter against a user-managed query list, and immediately notifies
information security officers, should any violations of information security be
discovered.
This software application incorporates server console
and AlertCenter client, which allows differentiating
access rights to notifications and settings between
information security officers.
www.searchinform.ru
AlertCenter
AlertCenter is an independent application that can be connected to any
index created by SearchInform products and can with a preset time
interval scan a search index for user specified keywords.
www.searchinform.ru
AlertCenter
AlertCenter client and other SearchInform applications allow security officers
viewing incident-related documents and investigating the details of each incident.
White user lists make it possible to exclude certain incidents from monitoring as
they do not involve data leaks.
Event and result logs show how
efficient the fight against data
leaks is.
www.searchinform.ru
Summary
SearchInform solutions are successfully used
in banks and financial organizations, state owned
and large production, telecommunication and IT
companies of Russia and neighboring countries.
www.searchinform.ru
Thank you
for being with us!
www.searchinform.ru
Download