Investigation of Information Security Incidents

The number of companies facing confidential data losses increases year by year. While designing corporate IT security system it is important to block not only possible information leakage channels but also it is obligatory to create IT security incident investigation tools and policies. Using a DPL-system significantly simplifies the procedure of identifying a person responsible for a data loss, more over, it allows to establish an evidentiary basis for an incident. The “Business Guardian” system keeps all the records of data flowing through it. It makes easy to get additional information about a data loss that has taken place and what an employee had done before an incident. The information a DPL-system may provide helps understand if a data loss was accidental or resulting from a disloyal employee’s actions.

Data losses may happen not only in the protected perimeter. Disloyal employees may release their company’s data while using computers outside the organization. As a rule, a corporate data is released in media and other sources popular enough to cause harm to a company’s reputation. The component “BG Web Scan” allows to detect quickly a confidential data release in any online media or other sources. This product helps to realize where, when and what time the first publication was made, identify the data life cycle, make the data records (it is possible if the data has been online for a short period), all this enables to identify a malicious person.

Консультация экспертов по безопасности