Insider threats are a problem for almost every industry, but financial services companies have always been—and will continue to be—a prime target for data theft. No other industry is tasked with handling and securing more sensitive data. For global financial institutions with tens of thousands of employees, it’s critical to have visibility into employee activities that raise red flags signaling potential abuse.
Insider abuse and data misuse account for more than a third of data breaches in financial services organizations. Protecting against insider threats requires solutions that can discern between legitimate use and malicious intent and be deployed quickly at global scale.
This real-world case study highlights how DTEX helped a global financial institution increase visibility into its insider threat landscape, allowing the company to mitigate previously unknown threats in a scalable way without interrupting business-critical processes.
This global financial institution—one of the 10 largest banks in the U.S. by total assets—quickly understood that it needed to rethink its insider threat strategy following a data breach in which a single privileged employee was able to access and steal sensitive information for more than two years without being detected.
While the organization had some visibility through a legacy DLP solution, the breach made one thing clear: they lacked critical visibility into the potential red flags that could transform any of their 60,000 global employees from insider risks to insider threats. At the same time, the financial institution’s stringent technology standards made it critical to identify a solution that would not impact employee performance and productivity. They needed a solution that could scale user visibility across nearly 70,000 endpoints, integrate seamlessly within the existing tech architecture, and be lightweight enough that it wouldn’t affect employee performance.
The Solution: DTEX
The financial institution launched an exhaustive search for a solution that met all of the required parameters. They knew that a big-box solution like their existing DLP solution would not suffice and quickly ruled out several UEBA solutions that were either too difficult to deploy or did not have the right user data.
When the team tested DTEX, they found that not only could it scale across all required endpoints, including Macs, Windows and Linux machines and servers, but that it was cloud-ready and lightweight enough to do so easily without exceeding the company’s strict CPU usage thresholds. The decision was an easy one.
Once the organization deployed DTEX, the benefits were immediate. Enhanced user visibility allowed the insider threat team to quickly see and understand suspicious activity by privileged users, as well as monitor activity related to highly sensitive documents—all without impacting employee productivity or performance. DTEX has become a critical element of the financial institution’s security program, enabling them to identify malicious insiders, protect compromised employees and prevent data exfiltration.