Symantec Data Loss Prevention: New Features Protect Against Insider Threats
Employees are the backbone of your organization, but they’re also the biggest risk to the very data that makes your business thrive. Whether an insider is malicious in their attempt to take your confidential data for personal gain, or they just don’t know better and mishandle confidential data thereby putting it at risk, insiders significantly contribute to data loss. In fact, according to the latest Ponemon Cost of a Data Breach study, human errors and system glitches caused 64 percent of data breaches last year, while the insider threat has remained the most consistent issue facing security teams over time, increasing 22 percent since the first study. But the insider problem is a solvable one.
To keep corporate data safe, people, processes and technology must holistically address the insider threat. Symantec offers the market-leading data loss prevention (DLP) solution to protect data at rest, in motion and in use. Today, we’re announcing new features in Symantec Data Loss Prevention 12 that help further reduce the risks that insiders, both malicious and well-meaning, pose to confidential data. Enhancements to Symantec DLP include monitoring for email sent to iOS devices, the ability to evaluate encrypted content for policy violations, and greater visibility into the behavior patterns of high-risk insiders. These additions help organizations to better protect their valuable intellectual property (IP).
Secure Data in a BYOD Environment
Employees are bringing their own devices to work and accessing confidential data from them, with or without permission from IT Security – 41 percent of employees download work files to their personally owned tablet or smartphone. Security teams can now manage BYOD (“Bring Your Own Device”) policy while securing confidential data with Symantec DLP Mobile Email Monitor, which monitors corporate email being downloaded to the native mail app on company and employee-owned iPads and iPhones, and creates an inventory of confidential data being stored on them. It provides visibility into your mobile data loss risk and quickly pinpoints exposures if mobile devices are lost or stolen. Designed to support BYOD, Mobile Email Monitor does not require installation of any agents or apps on personal mobile devices.
Gain Visibility into “Hidden” Data
With Symantec Data Loss Prevention 12, companies can now decrypt, extract and analyze content that has been encrypted by Symantec File Share Encryption. Encryption Insight is a unique new feature that provides visibility into encrypted files stored on file servers and shares that previously could not be inspected for confidential data. It is a valuable tool not only for preventing accidental data leaks by insiders who just don’t know better, but also identifying malicious insiders who may try to steal valuable intellectual property by first encrypting it in order to avoid detection. This insight into the content of encrypted files provides security teams with another tool to reduce the risk of insider IP theft.
Find High Risk Insiders
Data loss is a people problem first and foremost, so it’s important to know exactly which users pose the highest risk to the security of your data. Symantec Data Loss Prevention 12 introduces a new User Risk Summary feature that combines endpoint and network events by user, so you can identify abnormal behavior patterns of high-risk individuals in your organization.
Ninety percent of DLP is about what you do after you find confidential data. This new report enables security teams to monitor irregular user behavior and quickly share this information with other business units, such as Human Resources (HR) to determine if any action is needed. For instance, an organization can use Symantec DLP to monitor for unusual patterns of downloading activity over a short period of time. Often companies will find that employees who have resigned will copy large volumes of confidential information prior to their departure. The security team can easily provide HR with the User Risk Summary report before an employee’s exit interview. Armed with information about what the employee downloaded in the weeks prior to departure, HR can more effectively communicate what the employee should and should not do with that company’s confidential information.
While the well-meaning insider still represents the majority of data loss risk, the malicious insider poses a significant threat to higher-stakes data. With these recent enhancements, Symantec Data Loss Prevention – a comprehensive solution that discovers, monitors, protects and manages confidential data wherever it is stored or used – addresses a range of insider threats to help protect your company’s IP. Combined with educating employees and training them on how to handle confidential information, using data loss prevention technology can help you find sensitive data and protect it against loss and theft.
Additional Information and Details: