DIGITAL GUARDIAN CASE STUDY
IP Protection, Secure Collaboration,
and Massive Scalability
About The Customer
A Fortune 50 company invested heavily into intellectual property to design and manufacture energy generation machinery. Employees used this to build the company’s competitive advantage. The company relied on “trust-based” access under the assumption that all employees were trustworthy. When a privileged user was caught attempting to steal proprietary data, it became obvious a “trust-based” system no longer worked.
The Business Challenge
The company had over 40,000 employees globally who required access to critical IP used in multiple applications including scientific and simulation software. Data types included product design and engineering documents, process flow plans, manufacturing documents, and business plans. Their global infrastructure included over 100,000 Windows and Linux workstations and servers.
Identifying and classifying the sensitive data presented a challenge. The breadth and volume of data made manual processes ineffective or inconsistent; automation at the time of data creation was necessary.
INDUSTRY
- Energy
ENVIRONMENT
- 40,000+ users and 100,000+ workstations and servers globally
- Mix of Windows and Linux machines
- Heavy investment in intellectual property
CHALLENGE
- Multiple desktop and server environments
- Widespread distribution of sensitive, valuable data
- Large and growing pools of structured and unstructured data
- Distinguish authorized vs malicious behavior within trusted user base
RESULTS
- Stopped an insider threat in first months of deployment
- Visibility to all data use and movement
- Improved collaboration and reduced risk of data loss
- Automated encryption for sensitive data in motion
- Real time prompts reinforce data protection policys at the time of risk
The company had previously relied on access controls to protect data, further restricting access to sensitive material was not possible. Employees needed the information to perform their jobs, and the attempted breach was by a trusted user. Any solution had to provide authorized users with unencumbered access to IP, while monitoring data use to ensure compliance with corporate policies.
Critical Success Factors
- Enable knowledge workers to share sensitive data globally by group and need
- Automatic encryption of sensitive data when shared by email or copied to a removable drive
- Real time alerting for Incident Response Teams and forensic reporting
- Allow users with elevated privilege to perform system maintenance without exposing critical data
- Scalability to deploy across 100,000 endpoints globally
The Solution
Fortra™’s Digital Guardian® collaborated with the company to identify systems where IP was created, used, and stored - then used the deep visibility provided by the Digital Guardian agent to both verify and validate their assumptions. Endpoint agents monitored the data and enforced the organization’s policies in real time across local hard drives/USB devices, file servers, and burned to CD/DVD. The visibility further extended to uploads, email, printing, and screenshots.
Having a comprehensive view of data, the customer implemented a hybrid content and context based classification program. Context classification was used for the discovery and automatic classification of files, as data was created, based on source application, server, file path, file type, and user identity, among the 200+ contextual factors available. Content-based classification was used based on keywords, regular expressions, document similarity, and pattern or dictionary matching.
Digital Guardian provided the company with policy-driven, automated data controls to allow collaboration between business units, balanced against the risk posed by a specific activity. These controls range from prompting users for justification, automated encryption, or blocking. All actions around classified data are logged for further analysis and investigation as needed. If critical policies are violated, alerts are automatically escalated to incident response teams for immediate actions.
The Results
Digital Guardian was deployed across 40,000 globally distributed systems, and within months of implementation an insider threat incident was identified and stopped. The company improved business and security processes, while protecting critical IP from compromise. With Digital Guardian, the company continues to build its IP protection program and integrate it into their overall Corporate Information Risk, Governance and Training.
About Digital Guardian
INSTALLED BASED
- Over 600 customers from across the globe
- Industries served: Business services, education, energy, financial services, government, healthcare, manufacturing, retail, technology
- Used by 7 of the top 10 patent holders
DISCOVERY AND CLASSIFICATION
- Endpoint, network, cloud and local data storage
- Content, context, and user classification
- Fully automated to fully manual classification
- Over 300 data types, over 90 languages
EDUCATE AND ENFORCE
- Monitor log, prompt, justification request
- Auto-encrypt, quarantine, move, block
ACTIONABLE ANALYTICS
- System, user, and data level event visibility
- Analytics that filter out the noise
- Drag and drop incident management
- Right click remediation in real time
OPERATION SYSTEM SUPPORT
- Full visibility, analytics and controls across multiple operating systems
- Mac
- Windows
- Linux
DEPLOYMENT
- Managed Security Program
- SaaS
- On-Premise
Data Types We Protect
OIL AND GAS
- Site Exploration Plans
- Process Flow
- Engineering Designs
- Business Plans
- Legal Data
COAL MINING
- Productivity Data
- Coalbed Thickness Data
- Process Flow
- Engineering Designs
GAS AND ELECTRIC UTILITIES
- Distribution Plans
- Vendor Contracts
- Business Plans
- Legal Data
- Customer Data