About The Customer
A multinational aerospace, defense, and security company known for delivering advanced technologies and solutions in the space, air, sea, and cyber domains faced multiple data protection challenges requiring a DLP solution. The organization’s Sr. Manager of the Cybersecurity Operations team leads day-to-day operations, aligns cybersecurity strategy with overarching business objectives, and ensures resources are in place to protect the company’s networks from internal and external threats.
The Business Challenge
The organization faced significant challenges in monitoring and enforcing authorized data movement. USB usage policies relied heavily on user compliance, leaving gaps that could be exploited by uninformed users or malicious insiders. Identifying data exfiltration events, determining their extent, and pinpointing specific data involved were difficult or sometimes even impossible to accomplish. Regulatory requirements for data control added pressure, as did the looming threat of intellectual property loss, which could compromise the company’s competitive edge. They needed a robust data loss prevention (DLP) solution to mitigate these risks.
Critical Success Factors
Before evaluating potential solutions, security leaders within the organization created a list of requirements along with some “nice to haves.” With that in mind, they prioritized the following capabilities:
- Granular control over USB activity and other data transfer methods
- Enhanced visibility into data movement for timely investigations
- Customizable alerts and blocking rules to adapt to specific conditions
- Minimal impact on workstation functionality during implementation
Additional considerations included ease of deployment, responsiveness of vendor support, and flexibility in solution customization.
The Solution
Fortra’s Digital Guardian offered the comprehensive capabilities BAE Systems required. Leveraging Digital Guardian’s advanced monitoring and policy enforcement tools, BAE Systems gained:
- The ability to monitor, classify, and control data at a granular level, enabling secure USB usage and preventing stealthy and/or unauthorized transfers.
- Customizable rule sets that reduced false positives and focused on actionable alerts.
- Seamless collaboration with Fortra’s engineering and support teams to develop custom alerts and blocking rules tailored to BAE’s environment.
The implementation process was straightforward. Rigorous testing ensured compatibility across various workstation types and refined default rules to minimize noise. Digital Guardian’s contextual awareness provided BAE Systems with the insights needed to stay ahead of potential threats.
The Results
Since implementing Digital Guardian DLP, the organization has significantly reduced both malicious and unintentional data exfiltration attempts via USB, email, and other channels. The rulesets in place have effectively safeguarded data valued in the millions, preventing compliance violations, reputation damage, and potential contract losses.
Additionally, Fortra’s proactive and collaborative support has proven invaluable. From responsive troubleshooting to custom development, security leaders within the organization noted that Fortra has consistently demonstrated its commitment to customer success.
In a world where a solid data loss prevention solution is critical to our defenses, not only does Digital Guardian provide peace of mind, Fortra has proven time and time again that they are deeply invested in my team’s success.
Sr. Manager, Cybersecurity Operations
Data Types We Protect
