Data Leak Prevention
Why is protection a good investment
Everyday our data is exposed to the risk loss, leakage or unavailability when they are urgently needed. Both private data – personal, medical data, credit card numbers, as well as business data – patents, financial analyses, customer databases. We more and more often may read about incidents involving leakage of sensitive or confidential data. Not only does the number of such incidents grow, but first of all, the data volumes expand. More and more frequent leakage sources are the current or former employees of the company or employees of its business partners.
What is data leakage
Data leakage is an unauthorized transfer of the organization’s data to the outside world as a result of theft or unintended (unconscious) actions of employees. The data contain information that is subject to protection for business reasons (trade secret) or legal reasons (personal, sensitive, financial, health data). The disclosure of such information may expose the organization to criminal or civil liability or other types of losses. To the organization the costs of data leakage may constitute a number of various expenditures related, for instance, with:
- identification of the real victims,
- notification of people harmed by the data breach,
- public relations activity,
- legal services,
- providing certain services to the victims,
- loss of customers and problems with attracting new ones,
- loss of reputation.
Effective investment into data leakage prevention means, most importantly, building a team of experts. Their role is first of all to continuously monitor the data and also create new and modify the current rules within the organization.
Exatel’s data leakage prevention service
We prevent leakage of intellectual property and other critical information resources of the customer. The service is deployed on a central platform in our data center and on devices (sensors) in the customer’s facility. It is fully launched, configured and managed by our specialists. We provide the service on Fidelis XPS platform of Fidelis Cybersecurity.
Fidelis XPS ensures data correlation mechanisms at the session level in real time. The analysis and bidirectional communication control reduce the risks posed by contemporary, sophisticated threats which are difficult to detect. It examines the entire traffic network – at the levels of protocol, application and contents – independently or together with the context. The dependable analysis conducted by Fidelis XPS enhances the architecture of network security. It enables advanced threat management and effective response to events. Fidelis XPS uses patented Deep Session Inspection technology that employs a unique process to analyze the network traffic. The process consists of 5 steps:
- Seize the packages: Fidelis XPS seizes all the network packages.
- Establish the session: the packages are again arranged in sessions in real time; some sessions are forwarded for analysis.
- Analyze the channel and applications: in-depth analyses depending on the port, related to protocols, applications, attachments, encryption and other attributes.
- Decode data blocks: opens files to extract contents for analysis; decoders ensure high performance and security.
- Analyze content: over a dozen technologies to analyze contents, all logically connected, enable sophisticated, precise profiling of information.
How does DPI technology work
- decodes and analyses, as deeply as needed, embedded elements in real time,
- collects information based on contents, communication channel, knowledge of sources and destinations of transmission assesses transmissions based on collected attributes from many transmission levels,
- undertakes actions based on flexibly created and modified rules,
- stores information about each element sent via the network for the past several months.
Scope of the service
- configuration, activation and maintenance of the service
- active 24/7/365 monitoring of security of customer’s IT resources to detect data leakage,
- continuous notification of the Customer on current data leakage threats,
- online reports,
- full support provided by experts throughout the entire cooperation cycle, including the pre-sales stage. The support includes an analysis of the existing infrastructure, customer’s needs and preparation of a functional solution,
- Service Level Agreement (SLA),
- one contact point – 24/7/365 Customer Service Line,
- optionally: access to historical network traffic metadata
Scope of the service
- comprehensive and professional protection of the customer’s IT infrastructure against leakage of sensitive data outside of the organization,
- full visibility of all 65 thousand ports
- analysis of both the content and context
- stronger security of intellectual property and other resources of the organization
- minimization of ICT security incident management costs
- major cut of incident resolution times
- mitigation of reputational risk in the case of the most dangerous attacks
- possibility to activate the malware protection service on the same hardware platform,
- historical and real time analyses in one interface, speed and scalability.