Insider Threat Protection
A Gartner MQ-Leading Approach to
Guarding Federal Data from WithinLEARN MORE
With the rising value and volume of digital assets within agencies, there’s greater risk of insiders stealing sensitive data. Once you grant insider access to your network, perimeter security offers no defense. Bad actors enjoy the latitude that comes with trusted access, and can easily compromise data without detection. That’s why guarding against insider threats requires a focus on securing the data itself.
The Broadest Visibility and Control Against Insider Threats
Digital Guardian’s Data Loss Prevention (DLP) solution offers the deepest visibility, fine-grained control and the industry’s broadest DLP coverage – ensuring that whether you face malicious or inadvertent actors, your agency’s confidential data never leaves your organization.
With advanced methods for detection, access control, activity monitoring and analysis, Digital Guardian supports compliance with key mandates related to insider threats, including NISPOM2 and Executive Order 13587.
Our DLP is a consistent leader in the Gartner Magic Quadrant for Enterprise DLP with support for Windows, OS X and Linux. It proactively tags and classifies data as soon as you install it, offering immediate protection from the start – allowing your agency to stay ahead of threats before they happen.
- Prevent unauthorized exfiltration of data
- Ensure sensitive data is encrypted when exfiltrated from the corporate domain
- Block file uploads to personal webmail or social media accounts
- Require user justifications for policy exceptions
- Maintain exfiltration policies if users encrypt or suspiciously alter data
- Block data exfiltration to unauthorized cloud drives
- Disallow sensitive files copied to personal Dropbox, Box.net, etc. accounts (but allow the ability to access if a corporate version)
- Block downloads of sensitive data in corporate cloud storage to BYOD devices (but allow to be viewed on the device)
- Ensure sensitive data is encrypted before uploaded to cloud storage
- Identify behaviors that deviate from normal use
- Establish user trends to baseline normal behavior and block/prompt/alert extreme exceptions
- Identify suspicious/unauthorized applications used to access data
- Detect suspicious system configuration changes
- Monitor and control data use of privileged users
- Enforce role-based access controls to sensitive files
- Block authorized actions if risky/suspicious (e.g., allow printing of IP on the corporate network, but block if printing at home.)
- Gain instant awareness of noncompliance
- Enforce secure business processes that make users aware and accountable to data risks
- Measure rates of noncompliant activity before and after training/awareness prompts are enabled
- Confirm users haven’t taken sensitive data prior to leaving the company (e.g., exit interview use case)
- Keep sensitive data identifiable if obscured
- Ensure policies are accurately enforced for sensitive data throughout its lifecycle
- Monitor potentially risky file operations (e.g., save as, delete, cut and paste)
- Block or alert when sensitive data is zip-encrypted or screen captured
- Ensure files with content copied from another sensitive file are classified the same as the original
1- Gartner 2016 Magic Quadrant for Enterprise Data Loss Prevention, 1 February, 2016 , Brian Reed and Neil Wynne.
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally, and is used herein with permission. All rights reserved.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
The Definitive Guide to Data Loss Prevention
Want to learn more about DLP? Our Definitive Guide has all the essential information you need in one eBook.
Start reading now, no registration required.