Consolidated DLP and EDR for Internal and External Threats

About The Customer

At one of the world’s largest data management companies, the value of proprietary information was always clear. It was the primary reason its customers used its solutions. This also included their own proprietary information; data which allowed it to compete effectively in a crowded market. With thousands of employees worldwide, the company recognized the risk to valuable IP from attacks originating both inside and outside the organization.

The Business Challenge

The company’s data included source code, design documents, customer information, and internal financial records. They required a solution that would recognize the different types of data and apply appropriate controls, automatically. Manually classifying millions of documents, aside from being ineffective, was simply not possible.

The company started with Data Loss Protection, but also recognized the growing risk from outsiders using advanced techniques to gain a foothold in their environment, move laterally, and access confidential data. While adding Endpoint Detection and Response (EDR) was important, they needed a solution that would block malicious activity instead of simply generating alerts to security.

They also sought a way to reduce complexity with a solution from a single vendor. With this eye toward consolidating agents on its endpoints, the company sought a single solution to address both insider and external threats across the enterprise.

Finally, whatever solutions they select must be available as a managed service through a trusted partner.

Critical Success Factors

A single solution to address both insider and outsider threats across all egress channels
A fully managed solution to alleviate internal staffing challenges
Automatically identify and classify sensitive data for multiple data formats
Support compliance efforts across multiple jurisdictions and protect critical IP
Blocking prohibited actions instead of just providing alerts

The Solution

The company issued separate RFI’s for DLP and EDR. While they had previously licensed Fortra’s Digital Guardian® DLP solution, they were unaware of Digital Guardian’s Consolidated DLP and EDR offering. Once provided information on this solution, it became clear they could address both external and internal threats with a single agent on the endpoints and a single management console. The subsequent competitive bake-off revealed Digital Guardian as the ideal partner.

Digital Guardian’s MSP team translated the company’s desired policies into a set of enforceable controls on every endpoint. This allowed the company to have full visibility to all data types and enforce controls to prevent data loss through printing/emailing documents or downloading to unauthorized devices. All without the overhead and learning curve of deploying multiple on-premises solutions. A single console for building, deploying, and monitoring DLP and EDR greatly simplified management and reporting.

Digital Guardian’s automated classification eliminated any need to manually classify millions of existing documents, spreadsheets, and other files. Automatic classification assigns policies to data based on the source of the data (e.g., department, user, application, server) or on the contents of the data (e.g., PII, credit card information) to protect data from misuse and simplify regulatory reporting. This ensured a quick deployment for initial testing, and rapid time-to-value for the company.

INDUSTRY

Manufacturing, Technology

ENVIRONMENT

5,000 workstations
Privileged users and software engineers
ClearCase source code repository
Splunk SIEM in the cloud

CHALLENGE

Threat from sophisticated adversaries
Low impact on endpoints
Integration with existing infrastructure
Solution provided “as a service”
Competing vendor claims required a trusted partner

RESULTS

Full visibility and control over critical IP
Fully integrated with ClearCase and Splunk
MSP solution rolled out to 5,000 endpoints
A vendor-client partnership built on openness

The Results

An initial installation on 500 devices proved successful so quickly that within six months, the company rolled out Digital Guardian’s Managed Service Program to over 16,000 endpoints and servers. The ability to cover both internal and external threats through a single partner simplified and improved the company’s security program, while reducing overhead.

Download PDF version

About Digital Guardian

INSTALLED BASED

Over 700 customers from across the globe
Industries served: Business services, education, energy, financial services, government, healthcare, manufacturing, retail, technology
Used by 7 of the top 10 patent holders

DISCOVERY AND CLASSIFICATION

Endpoint, network, cloud and local data storage
Content, context, and user classification
Fully automated to fully manual classification
Over 300 data types, over 90 languages

EDUCATE AND ENFORCE

Monitor log, prompt, justification request
Auto-encrypt, quarantine, move, block

ACTIONABLE ANALYTICS

System, user, and data level event visibility
Analytics that filter out the noise
Drag and drop incident management
Right click remediation in real time

OPERATION SYSTEM SUPPORT

Full visibility, analytics and controls across multiple operating systems
Mac
Windows
Linux

DEPLOYMENT

Managed Security Program
SaaS
On-Premise

Data Types We Protect

INTERNET & ADVANCED TECHNOLOGY

R&D Data
Customer Contracts
Source Code
Patents

SAAS

Personally Identifiable Information (PII)
Source Code
Login Credentials
Business Processes

SOCIAL NETWORKS

Login Credentials
Personal Information such as Pictures, Profile Data

TELECOMMUNICATION

Personally Identifiable Information (PII)
Privacy Data
R&D Data
Network Design
Patents

See how Digital Guardian can protect your organization’s sensitive data and critical assets

SCHEDULE A DEMO

REQUEST PRICING

Digital Guardian Customer Consolidated Data Loss Prevention (DLP) and Endpoint Detection response (EDR) for Internal and External Threats