About The Customer
Formula 1 racing is competitive on and off the track. Teams invest heavily for faster, more reliable cars, and any advantage they can find. Sensors measure temperature, pressure, and acceleration. The information is sent via telemetry to engineers at the track and the team’s research center.
This data is confidential to the teams and automotive sponsors. Small changes to the vehicle can increase speed, or improve cornering. In a sport where seconds separate winners from losers, data is king. Concerned that competitors were attempting to access their designs, the team decided to take steps to protect their competitive advantage.
The Business Challenge
The team’s designs are developed and tested at their research center in Europe. Data is also on laptops at race venues around the world. The large amount of data processing equipment used required the team to travel with not only drivers and crewmembers, but also its own IT infrastructure.
Mobility also reinforced the team’s decision to focus on protecting the data instead of the device. Data is what their competitors wanted.
The customer needed to ensure that information from the research center and teams at race venues was available to authorized users while preventing exfiltration of information by electronic transmission or downloading to removable drives. All actions, even those authorized by policy, required monitoring and logging.
Critical Success Factors
- Unfettered access to data by authorized users
- The ability to block egress of data and record all authorized actions
- Enable their mobile IT infrastructure to travel to races worldwide while securing IP at these remote locations
- Support multiple data types, including CAD drawings, documents, spreadsheets, and scientific data
- Require users to justify actions when data was moved and log all responses
The Solution
For the race team, no data classification was required. They considered all data residing on their hardware as sensitive. Specific policies were created to address known egress risks, and Fortra’s Digital Guardian’s kernel level agents enforced those policies. The agents allowed authorized users to access information, while detecting attempts to move, copy, or otherwise misuse the data. Digital Guardian was deployed on all devices, including in the team’s mobile IT infrastructure facility. Specific controls include block, log, report and alert on high risk activities, such as copies to removable devices, unloads to non-sanctioned cloud storage, or emailing.
If exceptions to these policies were required, Digital Guardian prompted the user with a form to acknowledge the risk associated with the exception, and provide a justification for their actions. This request, by itself, often dissuades users from engaging in risky behavior. In addition, the company required specific reports that were available out-of-the box with Digital Guardian. These included data discovery and investigative reports of attempts to hide, delete, encrypt, screen shot, or print sensitive data.
The Results
Hundreds of pages of design information were discovered with a competitive team. Digital Guardian’s advanced forensics and reports determined the identity of the employee who printed the documents. Further, Digital Guardian confirmed that at no time had another employee or contractor printed the document, or any portion of it.
With this evidence, the employee was dismissed and the rival team fined $100 million. Digital Guardian’s evidentiary-quality logs were later used in legal proceedings, where the engineer was tried and sentenced to prison.
About Digital Guardian
INSTALLED BASED
- Over 600 customers from across the globe
- Industries served: Business services, education, energy, financial services, government, healthcare, manufacturing, retail, technology
- Used by 7 of the top 10 patent holders
DISCOVERY AND CLASSIFICATION
- Endpoint, network, cloud and local data storage
- Content, context, and user classification
- Fully automated to fully manual classification
- Over 300 data types, over 90 languages
EDUCATE AND ENFORCE
- Monitor log, prompt, justification request
- Auto-encrypt, quarantine, move, block
ACTIONABLE ANALYTICS
- System, user, and data level event visibility
- Analytics that filter out the noise
- Drag and drop incident management
- Right click remediation in real time
OPERATION SYSTEM SUPPORT
- Full visibility, analytics and controls across multiple operating systems
- Mac
- Windows
- Linux