Protecting sensitive data from insider threats is a board-level issue in companies today. This is particularly true when an innovative organization invests heavily in research and development and therefore has a lot of intellectual property. Competitors value this IP—as do hostile nation states. The latter may launch phishing attacks to gain employee credentials, engineer a social manipulation scheme, or simply hire an individual who will bring company secrets with them.
This was the challenge facing one of our customers. As a global leader in science and technology manufacturing, maintaining their leadership position requires extensive investments in R&D and unique manufacturing processes. They had deployed traditional data loss prevention and insider surveillance solutions but were dissatisfied with the constant tuning of granular rules and “blue screening” of endpoints. They also found surveillance techniques such as screen capture and keystroke logging to be a threat to their organizational culture.
Their three requirements for IP protection were clear:
- Low overhead—it must be simple to manage
- Readily scalable to their 80,000 users without impeding productivity
- Respect employee privacy to preserve corporate culture
DTEX InTERCEPT was brought in for a 2,000-user pilot. DTEX quickly proved its ability to meet the key requirements:
- No heavy lift to create granular DLP-like rules. DTEX’s behavioral enrichment and use of Zero Trust principles for workforce activity, predictive models, and advanced scoring algorithms identify, score, and highlight deviations.
- Scaling is simple with DTEX. Insider threat surveillance solutions require enormous bandwidth and storage; the volume of data collected when capturing and processing video quickly adds up. DTEX requires less than 0.5% CPU per endpoint and collects only 3-5MB of data per user per day, creating no perceivable network, employee productivity, or endpoint performance impacts.
- We designed DTEX InTERCEPT as a privacy-first solution. It uses data minimalization and pseudonymization to ensure employee privacy is maintained, while innovative behavioral machine-learning models help HR, IT, finance, and cybersecurity teams deliver better day-to-day experiences and foster better outcomes for employees and the organization.
You can read the full case study here and contact us here to let us show you how we can meet your insider risk requirements.