Nowadays communication via instant messengers is one of the most popular ways to keep in touch, therefore it’s not surprising that Skype, Lync, Viber, and social networks are used for work purposes. But even though messengers can be used for work related communication it is vital to watch how much communication there’s really going on. In case someone sends too many messages throughout the day it might be the case that the person spends too much worktime chatting about personal issues or shares a lot of information with the outsiders. The policy Most active IM users is based on a statistical query that is already created for you. The only thing to be specified is what we are going to count as suspicious activity (e.g. a user is sending more than 100 messages per day). Later all those messages can be analyzed in details.
It is essential to control opinion about top management as no one would want employees to write negative comments on work related forums, as well as revenge in some way in case of dissatisfaction with decisions made by a boss. It is a great opportunity to watch what employees think about events and changes in the company with the help of Negative comments about top managers policy. It is created as a complex query where we combine 2 different kinds of text search: first one includes names, titles, nicknames of the top managers; second one is a dictionary that includes words expressing dissatisfaction or anger, for example, offensive language and swear words.
When an employee starts searching for a new job and does it secretly it may lead to the situation where the employer loses an important and professional worker. Such unexpected situations usually cause a lot of problems, especially if a well-qualified specialist decides to quit. Such situations can be monitored with the help of the following policies:
Every employer expects their employees to stay focused on their work duties all the time they are paid for. However, it might happen that some people would want to earn more money freelancing and not fulfilling their key responsibilities. Thus, along with monitoring the workers who are about to change the job, it’s necessary to check whether some people work for another company or even a competitor. Freelance policy helps to find out if such employees are in the company by checking discussions with the help of text search and websites with the help of search by attributes on the topic and allows to save company’s money.
Sometimes in a company can appear employees that want to get extra profit by using fraud schemes that divert money from a company, such as creating shell companies. There are many different ways to implement this scheme but for us the most important thing is to discover the existence of such companies. Third-party companies policy allows to detect if workers own such companies and steal money by using similar content search where we can find such documents as article of association being mentioned.
According to the latest laws and regulations, such as GDPR in the EU, personal data of individuals should be protected by any organization at its best. Such data includes a lot of information and there are individual policies that work on basis of regular expressions search (together with detection of information patterns) and can immediately alert a security officer if there’s a threat to disclosure of personal data. These policies are the following:
Usually it is very complicated to find out if someone starts selling or passing confidential information at some point, therefore, it is essential to monitor the amounts of outgoing information. With the help of our special search type called statistical queries we allow to detect abnormal amount of information sent from each user (e.g. more than 20 emails sent per day, more than 10 documents printed, more than 50 files copied to USB etc.) and prevent damage caused by data leak.
Nowadays it is vital to take into consideration security on the global level, therefore it is important to check whether employees are interested in certain topics that might cause damage to the company. Extremism policy will determine if workers are involved in terroristic organizations, connected with ISIS or take part in other destructive movements, this way company will save its reputation and status. We are going to detect such people with the help of different dictionaries we provide our clients with, including separate dictionaries for ISIS, terrorism and even virus outbreaks.
It might not be evident but it is extremely important to monitor what documents which get attached to all outgoing mails and messages, and if the information is posted only on allowed sources in the internet. Leaving this information unchecked may lead to missing big data leak. Attached files policy automatically analyzes outgoing data and checks what kind of documents are attached to emails, and on which web sites certain information is posted. This can be realized with usage of complex query where we can combine different types of search by attributes. That allows to specify what attachments, posted and sent where exactly we want to see.
For each enterprise it is paramount to keep safe the information on how exactly it operates, for instance IT information such as network architecture. As rivals and/or other intruders may take advantage of it and hurt the company. IT data control policy reveals if company’s employees discuss or send such secret information to someone outside the company. This is done by using various kinds of search: we use words and phrases search to find any mentioning of something that composes network architecture, as well as regular expressions search to find data such as IP addresses mentioned in the intercepted data.
One of the most popular ways to steal confidential information is to simply copy it to external devices such as USB sticks. Copy to USB policy constantly checks if certain types of documents or archives were copied and allows to further analyze if it was data loss or no. Using attributive search, we can detect if, for instance, the following types of documents were copied somewhere:
Some employees for the purpose of hiding some actions can use anonymizer websites to visit prohibited sources. Of course, it is absolutely necessary to find such activity as usually it leads to lots of work time wasted on personal issues or even worse violations. To find out if workers want to disguise something anonymizers policy works with two main criteria:
For those companies that work with tenders it is necessary to watch if their workers discuss this topic as some insiders in procurement may be interested in kickbacks. Tender subject policy searches for such discussions in interception modules with the help of search with a dictionary and allows to prevent such illegal actions. And of course it is also possible to specify only those who work with tenders or who we suspect in something by adding search by attributes.
Once an employer hires an employee he expects this employee to be productive, initiative and loyal. Disloyal employees can cause damage to a company, giving sensitive data to rivals or having an idea of changing the job. Communication with competitors policy allows to find out if such workers appear in the company by tracking communication with representatives of other companies in the field of activity. This way it’s possible to prevent data leaks and make valuable employees stay in the company. Such communication can be revealed in various ways, we can find communication with the address of competitor’s mail server using attributive search and simply use words and phrases search to find if someone is mentioning names of such companies in discussions.
When someone is not satisfied with the salary it is better if it’s announced right away and not hidden. But sometimes what happens is an employee prefers to secretly discuss salary and money topic with people around, trying to find out what is the salary of the others and this way increase the tension in the team or even decide to quit the job not letting anyone know about it. Not to let this happen we suggest to monitor such discussions using words and phrases search that will allow to receive alerts once there’s someone just starting to comment on this topic.
It is vital for every company to operate effectively and gain profit, therefore the most important recourse for achieving good result is a hardworking and productive worker. Irrational use of time can include various things; this is what we suggest to pay attention to:
There’s a group of people who usually don’t directly steal information or cause harm to the company intentionally but whose hobbies and habits might lead to some troubles for the employer as well. These people are risk group for the company and include:
In general, sending attachments is just a part of everyday working process but if not paying attention to them, it’s very easy to miss secret documents sent even unintentionally, not speaking about sensitive documentation sent outside the company on purpose. For that reason, we suggest using separate policy that will inform about every email with a document attached, thus security officers can react on time in case there’re some violations. The policy is built on the basis of numerous mail attributes we have, that will help to detect only important mail attachments.
Usage of personal email can be a serious violation of company’s security rules as correspondence about business affairs is not be completely transparent this way. Also, some people can decide to send sensitive information to a personal email address, thus it’ll be impossible to control further movement of such documents. With the help of our special policy, security officer has a chance to examine every email that was sent to or received from any email domain except for the corporate one, including separate monitoring of attachments. This is possible as we have all attributes needed to monitor such email values as “From”, “To” and even “CC”, all of these are combined in a complex query.
In case an enterprise is involved in production it’s necessary to watch quality of products released, using special policy, security officer can be alerted on any msds on any specific product to analyze if someone changed information and if released product corresponds to all requirements. This is done with the help of words and phrased search along with similar content search.
Most people are afraid to admit that they made a mistake but sometimes it leads to bigger problems as hidden malfunctions can cause loss of a client as well as huge reputational damage. Therefore, we suggest detecting any conversation via different channels of communication that include discussion of violations, mistakes, failures, defects, etc. This is done with the help of words and phrases search that is applied to all correspondence.
Every time production is stopped for some reason it is big loss of money for a company so once it happens any manager should be informed about time and reason for downtime. Since workers often try to disguise the fact that something breaks as the result of their fault, it makes a lot of sense to use our policy for finding such facts on time and have a chance to take measures. The policy is created on the basis of text search.
It is very important to watch when employees are discussing any topic connected with money, especially when it is discussion of rewards or bonuses as some people can spread gossips, misunderstand news. It often ends up with dissatisfaction and disappointment, and in turn leads to possible theft of money or information. To prevent this our policy created on the basis of search with a dictionary can be used, as it’ll give alerts when some of the employees only start to discuss such topic.
In every company there is a list of sensitive documents that should be used only by limited number of people, so it is absolutely needed to have a chance to see every action that is made with such documents. If documents from this list have tags such as “secret”, “trade secret”, “confidential” and so on, we can use our special policy that is created with the help of phrase search to collect information about every action with such a document.
If someone decided to send archive or any other document that is password protected, then the document is either secret or this user has something to hide. Our policy is created with the help of special kind of search “Unrecognized documents” that alerts a security officer when there’s such a document sent by any channel. Thus, it is very easy to analyze who sent such document and for what reason.
When there’s a deal connected with delivery of some goods or services it is important to watch manager who is responsible for the deal to act accordingly. If manager is trying to discuss discounts or different terms with the counterparty thus having intention to gain more profit, this should be found at the very beginning of such discussions. Special query with search with a dictionary combined with attributive search where we can specify managers involved in the deal will allow to see incidents when someone is having such discussion.
It is vital to constantly check that the documents that describe financial state of the company stay within the company and not transmitted to third parties as it might cause financial and reputational damage. Financial data policy checks all data intercepted to find out if documents that contain information about profit and loss, cash flow, etc. were sent to people without access to that information. The policy is created with the help of similar content search that allows to find documents that are always written in the same way anywhere in the interception.
It is important to control each of the money transfers that takes place in the company. Both small transactions that are not connected with company’s activity and big transfers should be controlled as these are the most direct ways of how money can be stolen. The policy Money transfers helps to collect all information about every transfer in one place to have possibility for quick analysis. The policy is created on the basis of text search together with additional attributes.
We can offer our clients specialized policies for protecting particular bank documents such as financial reports, market research and financial plans of the company. It is vital that when analyzing this data we need to take into account list of people who work with such information, create risk groups and analyze content rout of the documents. All of these makes any operation with critical bank documents visible and transparent and can be easily done with the help of SearchInform tools. The policy is created with the usage of text search, thus each of the bank documents can be detected separately.
Subscribe to our newsletter and receive a bright and useful tutorial Explaining Information Security in 4 steps!
Subscribe to our newsletter and receive case studies in comics!