Prevent Data Loss without Operational Overhead
- Block IP from leaving with Employees
- Protect Data from Accidental Loss
- Comply with Regulatory Standards for Employee Privacy
30% of all data breaches are caused by malicious insider actions and errors.
Content Inspection and Heavy Endpoint Agents are Unnecessary
Traditional Endpoint Data Loss Prevention (DLP) solutions rely on intrusive, resource intensive content inspection rules.These types of detection techniques are prone to high levels of false positives, require heavy endpoint agents that degrade performance, and must be constantly tuned by IT and security staff to remain effective.
The ever-changing dynamics of today’s digital and distributed enterprises demand lightweight, easy-to-manage data loss prevention that doesn’t rely on rules-based keywords, patterns, expressions, and hashing to detect and prevent user-initiated data loss. Enterprises need a new approach.
Data Breach and Exfiltration Protection for the Modern Enterprise
Data Loss Prevention from DTEX takes a behavioral approach to data loss by monitoring and auditing all user activities based upon “out of the box” policies. Using this method, DTEX InTERCEPT is able to see the full lifecycle of behavior activity and understand the who, what, when and how of a possible data loss incident. No false positives, simply a real-time, scoring-based audit trail of all events.
Unlike heavy Endpoint DLP tools, DTEX InTERCEPT is a lightweight forwarder that requires no more than 3-5MB of bandwidth per day per endpoint and utilizes less than 1% CPU. With DTEX InTERCEPT, processing of DLP policies is not performed on the endpoint. Instead, all data is streamed in real-time to the cloud for analysis and detection, thereby avoiding many of the endpoint interoperability issues associated with traditional endpoint agents.
DTEX InTERCEPT’s modern architecture and design does not require "triggers" to determine when meta-data should be collected and supports continuous monitoring of all console and web-based applications. Likewise, DTEX’s innovative human-centric scoring mechanism is based upon a series of activities, vs DLP’s content focus, which means DTEX only notifies on truly suspicious events, saving time and empowering the analyst with full context about any given incident.
DTEX InTERCEPT’s behavior-based anomaly detection technology baselines user/device activity and can compare suspicious events based upon anomalies for the individual user, the department, and the organization as a whole. As an example, a user in the IT department may need to use certain tools that someone in sales department would not. DTEX automatically baselines these activities by peer group to understand what is normal and what is abnormal or suspicious.
How DTEX InTERCEPT Prevents Data Loss
Data Loss Prevention solutions are deployed to stop data exfiltration incidents including those initiated by a departing employee.
The diagram to the right is a timeline representing common behaviors and actions involved in a data exfiltration incident.
In this scenario, an employee has decided it is time to leave her employer. After signing an offer letter from a competitor, she begins to search and download sensitive documents across SharePoint and accessible files shares. The employee archives these files, password protects the data and attempts to exfiltrate via USB, drop-box and his/her personal Gmail account. Many of these steps occur while off the company network or VPN. DTEX records every activity in this scenario and stitches this information together into one user incident report for an analyst to investigate. ‘Indicators of Intent’ present themselves well before the full scenario plays out and allows analysts and the organization to stop exfiltration.
DTEX InTERCEPT – Data Loss Prevention without High-Maintenance Policies
DTEX InTERCEPT is the first and only Workforce Cyber Intelligence platform to deliver holistic, real-time awareness about the workforce’s activities without invading personal privacy. Born in the cloud and scalable to millions of devices in hours, DTEX empowers enterprises to easily see, understand and act on contextual intelligence using customer-tested and community-based scoring frameworks proven to stop insider threats, prevent data loss, maximize software investments, and protect the workforce, wherever they may be.
Listen as Bruce Moore, CIO with the Victorian Rail Track Corporation explains how his organization utilizes DTEX InTERCEPT to maintain operational resiliency, protect remote employees, prevent data loss and identify shadow IT projects.