The Challenge
Financial services groups, insurance companies, and retailers store thousands, if not millions, of records on confidential customer data. Malicious data theft or even erroneous disclosures can result in fines, legal liabilities, and brand damage.
 

Why You Need Raytheon
  • Monitor the enterprise for behaviors that expose the company to accidental disclosures, with stronger policies for users who have constant, direct access to customer data.
  • Conduct focused investigations on clearly malicious data theft incidents.
  • Remotely destroy data on lost laptops that contain customer data.

Customer Data is at Risk

Nearly every Fortune 100 company stores thousands, if not millions, of confidential customer data records. A loss, accidental or deliberate, could be devastating to the company’s stock price, brand reputation, and bottom line. Many large retailers, for example, use outsourced call centers who have constant access to customer databases. Any one of the call center representatives could decide to make some extra money from selling a batch of credit card and social security numbers to a criminal third party.

Raytheon Monitors the Enterprise to Reduce Exposure of Customer Data

For a large retailer, Raytheon can be deployed across the enterprise with general policies that can measure for leading indicators of vulnerability, such as a large volume of unmonitored USB drive copies, off-hours printing of customer records, or customer data being sent unencrypted. Any one of these individual incidents can be replayed, if desired, so that the appropriate remediation can be taken. With the context Raytheon provides, the retailer can decide to deploy a training program to reduce off-hours printing and user prompting to reduce USB storage policy violations.

More stringent policies can be deployed to the call center employees. Policies can record whenever customer data is being “cut and pasted” between applications using the clipboard, alert whenever instant messages are sent while the user has the customer database open, or enable additional monitoring if a user deliberately disables his network connection to hide his actions.

Raytheon Exposes Even the Most Sophisticated Customer Theft

One of the retailers’ greatest fears is an employee extracting customer records and selling the data. During the monitoring process, it became evident that a particular user was cutting and pasting data from the customer database strictly against corporate policy. Further investigation revealed that the user was dropping the customer data into a Word document, saving the file under an ambiguous name, encrypting the file and saving it to a USB drive. It also revealed he notified his accomplice by instant message when the entire transaction was complete.

These obfuscation steps would easily bypass gateway data protection solutions since any one of the individual actions appears relatively harmless and the encrypted customer data would have never been detected by the gateway.

The administrator was able to deploy one of Raytheon’s hundreds of pre-built policies to monitor anytime customer data was copied from the database application; the policy was also customized to trigger if any data was copied to a USB drive. All user activity was then collected 30 minutes before and after the data was copied to the USB drive. Using Raytheon’s SureView Replay, the administrator was able to view video-like replay of the entire incident, from the original data copy all the way through to the instant message.

With proper context and evidence, the company was able to capture the perpetrator, and also deploy stronger policies at the enterprise level to alert when any employee was copying and pasting customer data from an application.

Prevent Customer Data Theft

 

 

Raytheon Safeguards Data

SureView captures all endpoint activities and replays the entire sequence of user behavior, providing the context and documentation to evidence customer data theft.

Raytheon Services will help design specific policies, train internal staff to spot leading indicators, and assist in investigations.

Top of the Page