How to put on a vacation
Summer is a really busy time for us. A lot of flights, trips, and then... well, vacations! For CISOs, the travel and vacation period can be a very difficult time. That’s why we implement a few strategies to ensure secure access and help employees not to forget all the IS rules while they're on the road. Let's have a look at the checklist and find out, how we do it.
(In)secure digest: data leaks with mileage, refuse to use AI and hack of an account
The time has come for our traditional gather of so-called classic and extraordinary information security incidents, which were reported by mass media. In this digest we’ll reveal details on the following cases: data incident, which had lasted for ten years; hack of account of the employee, who hasn’t even set to work; unexpected cyber holidays.
Risk Management Certification
Let's consider one of the most significant frameworks for managing risk is ISO 31000, an international standard that provides principles, best practices, and guidelines for managing risk in organizations.
More than half of companies limit their protection with nominal information security literacy
A research on how companies prefer to train employees in information security and what methods do they implement
(In)Secure digest: if there was the “Darwin Award” in information security sphere – 2023 edition
In this April compilation, you’ll find details on aquarium fraudsters, the financial manager, who squandered the company's money, "super-secure" apps, but something went wrong with them and much more.
EPP vs EDR
What is the difference between EPP and EDR? Do they complement each other or they should be used separately?
Certified Risk and Information Systems Control (CRISC)
Сybersecurity and risk management certification: ISACA and ISC
Best Digital Forensics Certifications
The article helps you answer the three most important questions when choosing the right IT security and digital forensics certification.
(In)secure digest: enormous data leaks and insider’s revelations
The time has come to discuss major data realted incidents, which happened in February.
Which sources should be controlled by the SIEM system first of all?
It is very useful to maximize the SIEM system load to make sure that you won’t face a situation when something does not work appropriately in the real-life circumstances.
The SearchInform DLP deals with the smartphone threat
Learn how the SearchInform DLP functionality helps to detect, whether an insider has a smartphone in hands.
What Are the Major Security Threats That Can Be Expected Through an Email?
Learn more about the email risks and how to counter them.
The SearchInform DLP detects phishing and why would you need this functionality in the DLP class tool?
Learn how the atypical DLP functionalty enhances your corporate protection.
(In)secure post New Year digest: “temporary” failures, corporate insider and data on everyone
The time has come to discuss what happened while we were on a vacation.
Resonant cases of data leakages in APAC region
There is a step change taking place in the number of data-related incidents and that is critical.
In(secure) digest: lost accounts, compensations for mega leaks and “quick as the wind” leaks
This time we’ve gathered data on serious incidents: attacks on large companies, phishing, forgetful employees, whose actions led to the loss of clients’ data.
Notifiable Privacy Breaches
What is required to do if a data breach incident somehow takes place?
Cyber Threats to National Security
National Cybersecurity: this is how the cyber threat has intensified
What Are the Major Security Threats That Can Be Expected Through an Email?
Typical email threats and how to counter them
Data Loss Prevention Use Cases
This article will help you to learn how to avoid losing data.
Benefits of Managed Security Services
How to implement efficient information security protection with MSSP?
in(Secure) digest: stellar social engineering, exposed servers and giants under attacks
The most resonant information security incidents in our October digest: Toyota’s contractor exposed part of the code, an undercover astronaut, Australian companies experiencing cyberattacks, a massive Microsoft clients’ data leak.
Recent Security Breaches
Young employees, zero trust security and other security breach risks.
Healthcare Cyber Attacks
What makes healthcare organizations a popular target for cyber attacks?
Best Network Security Software
What should you look for when choosing a provider of best network security software?
(in)Secure digest: boredom motivated attacks, love to fines and ethical hack
We’ve compiled a selection of information security incidents, which became publicly known in September. Here we have: trustful employees, hack for joy and Morgan Stanley bank holding, which seems to enjoy paying fines for clients’ data losses.
Cyber Attacks on Critical Infrastructure
Critical infrastructure: current situation and best cybersecurity practices
Best Practices for Network Security
The ultimate guide to securing your industrial network using the best network security practices
Examples of Cybercrime Cases
What is cybercrime and examples of a few biggest cybercrimes
Emerging Cyber Threats
An overview of cyber threats, endangering companies and organizations worldwide in 2022.
Data Privacy Day
What is The European Data Protection Day and why data privacy is so important
Biggest Corporate Frauds
An overview of some biggest cases of corporate frauds in history.
Best Endpoint Protection
What is an efficient endpoint protection and a slight overvierw of best solutions.
(In)secure digest: the smell of data leaks, deep fake in the Zoom and an option of becoming the nobility member for only €1000
In August many employees are still on a vacation, however, this doesn’t refer to fraudsters, judicial and law enforcement system representatives. In our traditional digest among other you’ll find – one more shot in the foot and another example of peoples’ craving for a fairy tale.
Insider Threat Statistics for 2022 The seriousness of insider threat
What is an insider threat and who is an insider? What types of insider threats exist? How to detect an insider threat and what is required to do in order to mitigate risks? You may refere to the article and find out.
(In)secure digest: lawsuit for leaks, insidious phishing and record leak of personal data
The time has come to discuss if July was full with cyber incidents. As usual, we’ve gathered the most impressive cases, reported by mass media. Here we have unreliable suppliers, long-suffering Marriott, experiencing new data leaks and not very responsible personal data operator, which seems not to care about clients at all.
(In)secure digest: personal data newsletter, hacked state services and endangered farmers
The time has come to reveal some “classic” and non-trivial information security incidents. As usual, we’ve gathered some of the most impressive cases of the month in our digest.
Important trends in corporate security
In this article we continue to deal with the topic of corporate security, and we’ll provide a slight overview of some information security trends and advice on how top-managers may eliminate the ongoing risks.
New concept of organization’s security
It seems that the time has come to elaborate new approach to the concept of organization security
I resolve to… leave those security errors for good in 2021
The resolutions for businesses to begin the New Year without old mistakes finally cleaning up the awareness mess which never seems to be untangled
Why dismissed employees take revenge and what prevention measures to implement
Revenge hacks and what prevention measures to take
Business continuity and information security integration
How to make security part of a general risk prevention and mitigation program
Major fraud cases in healthcare revealed this year
Pfizer discovers an insider working for a competitor, whereas Genentech hit the news with a deep-rooted story months ago.
What kind of DLP system do you need in 2022?
David Balaban reflects on the DLP vendors' race for attention, adding of new features, sometimes going beyond the boundaries.
The more they know the less they care
More and more people are unwilling to share their personal data with third parties
Facebook security upgrade decision leaked
The company decided to exempt a number of employees from groups which have access to internal message boards.
How to tell the difference between a phishing email and a real one?
Don't become a phisher’s target, it's avoidable.
Multi-party breaches vs third-party related incidents
Ripple events are nearly untraceable and affect hundreds of companies
Data overexposed in manufacturing sector
The relevant statistics and most common security issues in 2021 so far
Users are monitored by gadgets Should we turn down everything digital?
Who should you trust in a digital world?
How to configure DLP and not to overlook a leak
How efficient are DLP systems with preset configurations? Can a system be configured once and for good? Learn how to adjust the settings here.
Top 5 actions to be taken by CEO to increase cybersecurity
Top 5 actions to be taken by CEO to increase cybersecurity and employee trust in the company
Trello boards indexed by major search engines put at peril business processes of Russian companies
Almost a million Trello boards, thousands of which contain corporate data of large and small Russian companies, were publicly available.
Not all DLP systems are equally helpful
How to choose a system and not to get disappointed
Why FileAuditor? SearchInform customer gives an elaborate answer
SearchInform customer – scientific technological pharmaceutical company Polysan – has deployed FileAuditor, a DCAP system, and shared the first impression with the company.
Outsourcing the role of information security officer
A piece of insight into infosec as an MSSP solution
Order in your files and folders: how to organize access control and protection against leaks
Expansion of the IT infrastructure complicates controlling who accesses, copies, moves from folders, and deletes information. In case company's confidential files and folders are not organized, it's almost impossible to keep that data secure. The task is solved with specialized DCAP systems.
(In) Secure digest: the hit parade of the most comical infosecurity incidents
The most comical infosecurity incidents to laugh and learn from it. Enjoy, but tread carefully!
Blocking that does not slow down business processes
Interview with Sergey Ozhegov, CEO of SearchInform
Is the system really hidden on an endpoint? All about invisible DLP control and where its cloak of invisibility loses powers
The DLP doesn’t function in a hidden mode for nothing: on the one hand, it doesn’t interfere with the work of respectable employees, on the other hand, it helps to catch insiders off guard.
Fraudsters won’t miss a chance — what threats to people and business remain in 2021
The “Roaring 20s” is no longer a euphemism from the last century, in the 21st the new decade also began loudly.
How to detect an employee accepting kickbacks using DLP?
Proven schemes for searching for corrupt individuals in the company.
How to surf the flow of information security events: use SIEM system correctly
Security Information and Event Management works on the principle of video surveillance. Cameras stand for connectors that collect data from hardware and software, whereas the object of the surveillance is an IT infrastructure featuring PCs, network devices, and servers. When configured properly, SIEM simplifies the monitoring of information security. How to organize the work, what to control first, and how to respond to incidents? - we will answer these questions using the example of SearchInfo
(In)Secure digest: default passwords, sensitive info for free, and phisher salary.
Every month we collect "classic" and non-trivial incidents on Infosecurity across the world and in Russia in particular. Here is our first digest for 2021.
Insider check: could you be damage to your company?
The test will define you as a certain type of insider. Remember: any employee could become a culprit of a leak, however, circumstances are different. We don’t mean to pretend “scientific”, we intend to make this test entertaining and informative.
Legal monitoring, smartphones control and your employee personal portrait
These and other ticklish issues regarding the launch of information security solution within your system.
Why does healthcare require the severest cybersecurity measures?
Innovations are designed to improve the quality of service and save time for patients and doctors, however, doctors and patients realize how vulnerable medical information is.
2020 infosec in pictures
You've been with us all this year and you remember all 2020 news we've shared with you. Let's smile and frown at it together!
FAQ: Frequently Asked and Finally Answered
15 questions the monitoring solution developer responds to during seminars.
(In)secure digest: Tesla sabotage, hospital blackmailer and excessively patriotic President
Every month we enrich our collection of classic and non-trivial cybersecurity cases. Data leaks, frauds, sabotage, and other incidents caused by insiders are of our interest.
Indian companies chose cloud
83% of companies chose cloud to deal with cybersecurity issues of remote work quick
How much can a former employee cost you?
Keeping the accounts of dismissed employees active and failing to revoke excessive rights might be one of the biggest mistakes a company can make.
(In) Secure digest: the science of information security, death cyberattack, and bank leaks
We collected "classic" and non-trivial incidents reported by foreign media
10 questions about the DLP system: why do I need it, what can I do, and what can't I do?
Today DLP system’s purpose is not just monitoring data leaks as it was in the beginning - now DLP systems are commonly used to solve a much broader list of problems.
Rights and wrongs when creating profile
How can you analyse employee personality and steer clear of breaching privacy?
Data breaches analysis
SearchInform analysed breaches that occurred in the first half of 2020.
Database Monitor access control management
SearchInform Database Monitor is a database activity monitoring software, which purpose is to mitigate an insider breach.
Data Protection in the Cloud
Security innovations and strict compliance are key in achieving the utmost security for your cloud data.
The Darwin Awards in Information Security World
...or 7 stories about stupidity, careless work, credulity and their consequences
What is confidential information and how does it affect your finances?
There is an edifying example, which proves common knowledge that there is many a slip ‘twixt cup and lip.
Use case: user behavior and insider detection
Insider threat is a tough and quirky menace to track down and pin.
Use case: eDiscovery
Proper information governance facilitates data search and analysis required for internal investigation.
Use case: file cleanup
In order to transform disorganized data into valuable insights you certainly need a powerful tool, which will assist you in file analysis ensuring frequent information verification.
Ensuring security and compliance in multi-departmental teams
As different departments have their own specific risk management frameworks they lack correlation and coordination - enterprise risk management ensures consistency.
If a data breach - then data protection tips
A detailed check-list of actions to take in order to save the data
Two important data protection questions to answer: Why and How to protect data at rest, in motion and in use
A short explanation why to protect your sensitive data, types of data and advice on how to protect data at rest, in motion and in use.
Key features of employee monitoring software
Are you sure that your employees do not goof off? Are you sure your employees are not idling away precious hours of productivity they rather spend on work-related tasks?
User activity audit, investigation
There are so many contextual factors to sift through that actually finding the newest threat and eliminating it is an encumbering job.
Regulatory internet data laws you should be aware of and maintain compliance with
Use case: access control and change management
The solution boosts risk assessment ensuring that access rights are properly managed and privileged user activity is under control, data access policies are in place and kept updated.
Data protection and classification
The massive impact of access to your data being obtained and an outsider security risk materializing cannot be overstated.
Access rights audit
Our data need insurance, and just like we have to cover every other potential risk that we couldn’t afford compensating for if it materialized, we need to conduct a security audit of our sensitive data.
Impactful data breaches in 2020 so far
Sometimes people do the simplest cyber security mistakes, namely, misconfiguring a database or using the same password for their bank account that they used for their social media
Life changing risks pentesters take to help you boost security (cont.)
The very courthouse that they broke into last night and now they’re sitting in the courthouse waiting to see the judge.
Life changing risks pentesters take to help you boost security
Conducting a penetration test on a courthouse and defending in front of a judge in the same building a few hours after – this is what happened to two pentesters working under contract.
Businesses’ role in cyber security and threat prevention
The financial service company sector is targeted more than any other industry, as attacks against them account for over a quarter of cyberattacks.
Mobile device encryption
Businesses realized the important role devices play as long ago as 2004, thus giving rise to mobile device management, a set of tools and practices that allow administrators to manage devices, apps, and increase device security.
How to stop hackers
Hacking isn’t quite as flashy as in the movies and it takes a major time investment on the criminal’s part, however it is every bit as damaging and threatening to companies as it is portrayed
A little-known evil that is occurring today is the phenomenon of industrial espionage. In fact, this is a problem that has been around for quite some time.
Internet privacy laws and regulations
One of the greatest challenges in the world today is making the Internet a secure place.
The cloud services revolution
Conducting software and web operations is an expensive endeavor indeed.
The information security team
Cyber criminals are working very hard to discover top-secret company information in order to sabotage it or sell the information to other companies.
Security in an ever more connected world
We live in a world that is forever shrinking, and the more connected we become to the things in our environment, the more convenient our errands and everyday work become.
How to detect suspicious activity in databases till information gets exported
As SearchInform releases Database Monitor we want to detail the way to use the DAM solution so that violating access rights and making changes to sensitive documents become transparent for those responsible for risk mitigation and data protection.
The CIA and its major security incident
This year the processing of the court case considering the employee who breached the CIA's data in 2016 to WikiLeaks has been resumed
Monitoring solution in the cloud
According to the research conducted by SearchInform, each company detected a user attempt to take at least some corporate data, whereas only 26% controlled employee activity with the help of monitoring software.
Database access audit
The solution for protection of information stored in databases monitors data export and user requests and alerts to any change
To be applied... New apps, new laws
Will the privacy limits be reconsidered? Dedigitisation as utopia
How to measure the performance of remote and onsite employees
Going remote is a challenge, and work discipline might “shiver”. There is a chance that as soon as employees put on slippers and robes they will feel too comfortable and that will impact the quality of their performance.
How do crisis and stress affect your team?
The need to transfer employees to remote work appeared to be one of the reasons to get stressed - businesses have to make such a transition to avoid losses and try to keep it going for as long as required.
The ways companies risk security in a crisis: external threats
Pandemic, oil collapse, global economic crisis, there are enough reasons for concern in 2020. However, these are not the only factors that will influence businesses all over the world.
The ways companies risk security in a crisis: internal threats
According to the research by SearchInform, 100% of companies identified the attempts of employees to take corporate data during the first months of using the company’s services
The rise of virtual private networks
Everyone is well aware that criminals on the internet are becoming savvier every day.
Have companies managed to shift to remote work?
SearchInform has conducted a research on companies’ experience in shifting to remote work and keeping business processes going.
Staying ahead of malware
With all the benefits that the worldwide connectivity of the Internet offers, so too come the vulnerabilities.
Social engineering prevention
When cyber criminals target organizations, their target normally is people themselves, because they can be manipulated. 70 to 90 percent of data breaches occur as a result of social engineering.
Server performance monitoring
In order for a website to operate, a database to be accessed from a distance, or e-mails to be facilitated, there must be a server to power this process.
Common unethical business practices
We live in a world full of risks and individuals who are willing to do others harm when an opportunity for personal gain presents itself.
As businesses keep staying remote. Use cases
Which instruments can be installed and how do they help?
Software security and efficiency
With all of the programs the ordinary user has installed on his computer, users are frequently proposed to have a software update performed.
As businesses keep staying remote
The insight into key threats and brief reminder why you shouldn't set it loose.
Setting up access to company files
Due to potential social engineering and the fact that many losses that companies suffer are related to employees, access control system installation is a major factor in ensuring company security.
Remote work: the way of the future?
Nobody would deny that the world is going digital. Like it or not, things are becoming ever more automated as technology facilitates business processes to an ever larger degree.
We all know very well that companies have their secrets as to the way they operate and that companies are always interested in the state of their security and potential losses
Compliance issues in the workplace
One of the ways that companies are gaining more success and reducing crime is through compliance issue management – compliance on all policy, in a broad spectrum of areas.
Personal data protection
Despite the greater amount of opportunities and convenience that the Internet provides us, we also find ourselves vulnerable in the event that we fall victim to an Internet scams.
No matter what you do in life, there are always risks. And this is a good thing, because without risk, there is no potential reward.
Social engineering attacks
With how connected the Internet is today, a lot of information that we couldn’t afford to share is potentially within the grasp of the most inventive malicious predators online.
Risk management in healthcare
Our health information is a private issue. For a number of reasons, people’s health information being shared could result in negative consequences.
Project management tools
Project management software also provides us a range of benefits, from scheduling events to creating project plans, and there are certain methods and tools that, if taken into account, provide a multitude of benefits and evade numerous risks that make it worth obtaining
Employee time tracking
On both fronts, time tracking software stands to render the lives of employees and employers much easier.
Employee monitoring software: is it illegal?
The first question one might ponder is: “Is it illegal to monitor employees’ computers?” The issue of employee monitoring has become a bit of a contested topic in recent years.
Indispensable services during lockdown
Solutions we use for remote working and industries we need for isolated living
Morrisons' implication has been ruled out
And the company might “set precedent”, according to The Telegraph
Is there a safe way of using apps?
And what is more dangerous: spyware or mere negligence when using digital services?
Five sectors that benefit most from employee monitoring software
Improvements in technology have radically changed the way we work
2019: trends and breaches
This autumn, experts have counted 5183 data breaches around the world compromising 7.9 billion records, and 2019 was claimed to be the worst in the history of data leakage.
How to max out SearchInform services
Do you consider launching comprehensive monitoring of your internal business processes and even reinvent business continuity management strategy but aren’t sure you want to delve into risk management program and hire extra staff, assign your specialists to the new job and purchase the system to integrate it with your business architecture and implement all the control? If you do – read and learn how to establish a smoothly supervized workflow and not to the detriment of your primary activities.
Deepfake: when audio forged by social engineering becomes a global threat
According to Gartner, by 2022 30% of all the cyberattacks could be targeted at damaging data, which is the material for neural network algorithm manipulations, as well as at the theft of ready-made machine learning examples.
Wanted: who is the most dangerous employee in a bank?
They all work with different information, dealing with data at rest and data in use, have their own tasks and use specific instruments.
Voice assistants risk assessment
Voice assistants became subject to investigative journalism — a few high profile publications made readers think twice before using a “helper” or even talking close to the microphone. And that is what we have learned this year.
Data at rest encryption
Whether your data encryption is on your computer, a flash drive, on a cloud, or includes your entire disc, proper encryption and management are essential to keep your resources and data safe and ensure that you maintain compliance.
What is a DLP system? How do active DLP systems work in 2019?
Although everyone is aware of risks that their data could be stolen, this is only the beginning of the IT risks companies must safeguard themselves from.
Business processes are migrating into a virtual environment, and companies have long started to keep e-document flow while introducing new management technologies.
When most people hear the word “forensics”, what usually comes to peoples’ minds right away is that it will involve somebody in a lab and a white coat working long hours.
Protecting information on flash drives | how to protect files on flash drives
A joint study of Illinois and Michigan universities revealed that 48% of people plug in random flash drives. We have selected the main points and findings which prove that the user behaviour plays an important role in protecting information.
Risk management matrix
We take risks every day, from the moment we wake up until we go to bed at night, as they are a normal part of life.
What is an insider threat detection program?
Although we all hope that we can trust each of our employees and that it will never happen to us, the truth is that malicious insiders are a relevant risk in today’s corporate world.
What is data at rest?
Under the conditions of today’s digital climate, sooner or later your information will eventually find its way into the wrong hands.
Main aspects of information security
Corporate security is not a new phenomenon. What we now understand as corporate security has existed since the emergence of trade. Merchants sought to protect their professional secrets from competitors in order not to lose profits.
Security risk management assessments
Security risk assessments are performed for the purpose of identifying, evaluating, and prioritizing risks associated with a company’s use and operation of information systems to its operations and assets.
Employee monitoring issues
Business ethics are the contemporary norms, set of values, and principles guiding the actions and behavior of employees at the companies they work for from a legal and moral standpoint.
Employment of friends and relatives
The Sales Department had not been fulfilling a plan for three months. The reasons were unobvious: it was a business season, and there were no issues with the discipline and skills of the employees, but the number of deals has decreased.
Detection and mitigation of internal corporate risks
The meaning of risk is the possibility of loss. Thus, what risk management entails is the process of identifying, analyzing, assessing, and prioritizing risk.
Risk assessment matrices
With the plethora of risks that accompany running a business, it is much more practical to have everything organized in written form or, better yet, in the form of diagrams for a concrete, concise representation of which risks the company faces as well as the severity of them.
As much as companies try to foster a culture of positivity in the corporate environment, put all sorts of system limitations in place, and emphasize strict company policy to keep employees from engaging in things they shouldn’t be doing, fraud still goes on, and it is rampant, hence the demand for email monitoring.
Configuring DLP system
The installation of a DLP system can be managed even by a novice system administrator. However, its fine-tuning requires some skills and experience.
Web activity monitoring
In the technology era in which employers are looking to squeeze everything out of their employees that they can and optimize business efficiency to the max, a plethora of process optimization industries have sprouted up that offer to facilitate businesses’ success.
Remote employee monitoring
As of late, there has been a great rise in employers’ desire to keep as close an eye on their employees as possible and analyze their activities in-depth to achieve the best idea of the level of their performance and the degree to which they are complying with policy.
User behavior analytics
Given the widely known and harnessed power of data analytics, companies utilize all sorts of information on their customers for a variety of purposes. Many use this information to most efficiently allocate their marketing expenses.
Fundamentals of IS | Fundamentals of IS. data protection
The founder of cybernetics Norbert Wiener believed that information has the unique characteristics and cannot be described as neither energy nor matter. A special status of information as a phenomenon resulted in a proliferation of definitions.
User activity monitoring
The more that a company knows about its workers, the more it can harness that knowledge to propel the business’ success to the next level. Employers do not want to leave productivity up to chance.
It goes without saying that efficiency is one of the most basic ingredients of a successful business and there is always room to ameliorate.
Insider threat statistics
A company having its secrets and confidential information stolen, its funds robbed, or damage caused to it is an ever-present threat that companies may take appropriate measures to avoid.
Although the primary function of a human resources department is to recruit and train personnel, there are many situations in the workplace that HR has to deal with, including ethics breaches and company policy violations.
IS Worldwide | The problems of information security in the world
By information security, we mean a set of organizational and technical measures to ensure the protection, integrity, accessibility and manageability of data arrays.
Extremist activity in the team
The department head noticed that an employee’s work had changed for the worse.
Shell companies and drug network
Company N called for a tender for preparation of design estimate documentation. At the stage of receiving requests the company found out that one of their employees had attempted to participate too.
Every bit of what makes a company successful comes from work implemented through the actions of a company’s employees.
How to digitize human factor
Prevention is the key process of incident management – it is better to discover reasons and sources of a possible security breach than to fight consequences. Potential insiders are not easy to detect, and general data safety approach including basic instruments are not sufficient to reveal a violator.
When you discover that your enterprise has been victimized by cybercrime or breached, your first thought is to seek out the origin of the crime.
Considering the significant amount of money most people have invested in their businesses, it is important that the full rewards of it can be reaped.
Search for a new job
An employee was viewing vacancies on his corporate computer and receiving invitations to job interviews sent by business competitors. A company's risk manager detected the suspicious activity and took the employee under control.
Insider threat tools
While all the hype about unknown threats breaching a company’s privacy, stealing its confidential information and company secrets, purposefully inflicting damage to its public image, and robbing it of its funds is worth keeping in mind to protect against, the losses that would result from that actually occurring are not as great as most people believe.
Distribution of negative opinion
The system detected the correspondence between colleagues discovering one of the employees being outraged by the incentive system and other aspects of the management approach to employees.
Data security and data encryption in business
Encryption involves a plain text being coded into “encrypted” form using a cipher text and then being “decrypted” with a cipher text by the recipient on the other end.
Corporate fraud investigations. Fraud security & protection
Corporate fraud could be defined as a loss to a corporation due to deceitful management. These schemes are often marked by their complexity and economic impact.
What is Risk Mitigation Strategy? Define Risk Evaluation Plan
To define risk mitigation, let us first specify what risk is. “Risk” is the possibility of loss. Thus, risk mitigation entails a concentrated effort to reduce adverse effects.
What is Risk Management? Solutions, Strategies, Services & Tools
Anyone who has ever been involved in business knows that there is risk everywhere. What is risk management?
How to Reduce Internal and External Threats to Organizations
With the current state of the global economy and employees feeling ever more pressure, internal security threats are on the rise.
Illegal business arrangements
Employees can create their own legal entities that will interact with an employer company. For example, fraudsters can use their job positions and promote their own enterprise as a counterparty and at the same time offer disadvantageous terms and conditions of cooperation.
What is Fraud Detection? Fraud Detection Software & Solutions
From advancing computing speeds to high-performance analytics to machine learning and other forms of AI, fraud prevention technology has come a long way.
What is Employee Monitoring Software or Employee Tracking System?
Do you know what your employees are up to? Businesses are well aware that gaining a good understanding of what their employees are up to can work wonders in raising their work efficiency.
Information Security Threats
Information security in the broadest sense is a combination of means to protect information from accidental or deliberate exposure.
Information Security Incident Management | IS Incident Management
The system of data leakage protection is based, above all, on the detection, prevention, registration and mitigation of information security incidents or events that violate regulated procedures.
Protection Against Information Leaks | Organization the protection of information from leakage through technical channels
We reviewed the results of the study related to the leakage of financial and other corporate confidential information.
How to Choose a DLP System
The global market of information security tools offers a wide range of DLP systems (Data Leak Prevention). And the demand for them is only growing.
Identifying terror threats
The correspondence of employees in the corporate chat was intercepted. The employees were discussing the war in Syria, and one of them spoke negatively of Russia’s role in the conflict.
Methods to Protect Information | Methods and Tools for Data Protection
Computer data is prone both to loss due to malfunction or destruction of equipment, and to theft. Protection methods include the use of hardware and devices, as well as specialized technical tools with software.
DLP systems | What is a DLP system, and how does it work?
As of today, the market of DLP systems is one of the fastest growing among all markets of information security tools.
Concept of DLP Systems | What is a DLP system?
DLP software is used to protect confidential data from internal threats. However, even if information security specialists adopted protection tools and use them against external violators, struggle with internal violators is more challenging.
Using personal mailbox
A car center employee was caught sending sensitive data from corporate to personal email.
Personal data leakage
The risk management department noticed that one of the dentists of the state clinic used to send to his personal email cards with health data.
Communication with competitors
An employee received a message with an offer to meet and discuss “some common issues”.
Leakage of a customer database
A security policy response attracted the attention of the risk managers responsible for monitoring to the abnormal activity of an employee who accessed the customer databases that include the information on individuals.
Attempt to leak tender documentation
The results of the monitoring revealed that the employee was ordered to send the document to this email address by his manager.
Leakage of a supplier database
The study of user relations made it possible to establish that the employee transmitted information to her husband who had a plot with the company's competitors.
An employee logged into the personal mailbox from the corporate computer – a DLP system automatically "scanned" the last sent and received emails.
Leakage of a company's business plan
With the help of the integrated policies the system alerted to a suspicious activity - one of the employees discussed the company's short-term development plans with an unknown user via Skype.
Leaking the company's know-how
The risk management department found confidential files on the computer of an employee who wasn't authorized to access them. Moreover, when the incident happened, the employee was on vacation.
Fraud Detection & Prevention Software: Business, Accounting, Banks
If most people were asked if stealing is wrong, they would answer “Yes”. In spite of this, organizations all over the world lose about 4 billion dollars to fraud on an annual basis.
How to Prevent Identity Theft & Fraud. Types of Corporate Frauds.
Avoiding corporate fraud is no easy task considering the great variety of forms of embezzlement and deception that may take place. In the past 20 years, over 1,000 executives have been convicted of corporate fraud.
Attempt to leak the local network topology
The risk management department spotted one of the lawyers copying the document with the schemes of local networks and communication of the company to the personal flash drive.
Integration of DLP Systems | Integration of DLP Systems in the company
DLP (Data Leak Prevention) is a comprehensive software product to prevent theft, modification and dissemination of confidential information. DLP-system monitor all the traffic within a protected corporate network.