Forcepoint Data Security for the largest individual bank
Description
Hypo Landesbank Vorarlberg uses a data loss prevention (DLP) solution. Their task is to increase data security and prevent data loss by detecting and blocking the unauthorized transmission of confidential data.
Security E-mail
Financial institutions operating with highly sensitive data that must take all possible preventive measures so that confidential data can not be deliberately or unintentionally passed on to unauthorized persons.
Following an initial specification of a technical solution to prevent unwanted data loss at the e-mail exit, the project team carried out a market investigation with ITS security specialists and system houses. Important: The solution had to work with the existing e-mail infrastructure, based on IBM Notes and Domino.
One of the sources of information was the Magic Quadrant for Content-Aware Data Loss Prevention by market research firm Gartner. As a result of the preliminary investigation, three suppliers remained, two of which were subjected to a detailed practice test. The project team of the IT department installed the products of both manufacturers and subsequently carried out extensive tests with the data from the e-mail archive. At the end of the day, Forcepoint ™ offered the more sophisticated and technically more elegant solution.
Define safety regulations and check them effectively
The actual technical implementation of the software - the Forcepoint Data Security Suite - and the additional measures proved to be more complex than initially estimated. From an organizational point of view, it was again examined which data are of critical importance for the Hypo Landesbank Vorarlberg and must be protected against unintentional forwarding. It was determined, for example, in which business processes the sensitive data are used and the rules for dealing with personal and sensitive data. Because all these safety rules must be considered in the DLP solution.
The main questions were: What data should be protected? Who is allowed to use, read or modify which data in which business processes? Where can sensitive data be safely sent? The works council was involved from the outset in all organizational measures affecting the Bank's employees, since the new solution analyzes mail contents, but not the behavior of the employees.
The data security suite stores the digital fingerprints of all sensitive data in a single, centralized, and encrypted form, with the help of the Forcepoint Data Security Suite, a "digital fingerprint" of the operational data to be protected , Which is updated once a day and serves as a reference for monitoring all activities carried out with the sensitive data.
Misuse in time
Forcepoint's DLP solution then actively intervenes in the event when confidential data are intended to leave the bank via IBM Notes Mail. First, the DLP solution calculates the fingerprints of the data in the e-mail and compares the result with the values in the fingerprint database and the associated security rules. If no rule violation occurs, the data can be sent.
If, on the other hand, the sender is not allowed to send this data, he receives notification and the delivery process is stopped. At the same time, the bank's compliance department receives a message of the transaction. She asks the sender for an opinion as to why the data should be sent.
Details
Business tasks
Ensure Security and Business Continuity
Reduce Costs
Problems
Risk or Leaks of confidential information