StaffCop for Financial Services: Identify and Stop Insider Threats
The retail and e-commerce industry faces a growing risk of cyber security breaches and stolen information. Target, Wal-Mart, TJX, Home Depot, eBay - all have been hit by data breaches.
Reports suggest that each breached data record costs retailers on average $116. PCI can charge hefty penalties if the retailer is found to violate the mandatory PCI DSS compliance requirements. There are other opportunity costs to consider as well; possible civil litigation, customer churn, suspension of account by payment providers etc. and sometimes, a large dent in brand reputation. In fact, a data breach has one of the top three negative effects on brand reputation.
Online retailers and e-commerce sites are even more susceptible to cyber-attacks and data breaches due to their exposure on the public internet and the Cloud. They are also increasingly capturing a vast amount of personal information, behavioral and tracking data to enable personalized experience to their customers. This means, they now have to protect volumes of different data types. It also means, when a breach occurs, they are held liable. PCI standards show that the average cost of a breach for a large website is 4 million dollars. It’s not exactly cheap at $86,500 for an SMB/SME either; especially when fallout from such a breach can put their very existence at risk.
Retailers need to implement strict restrictions on data access, monitor employees who work with sensitive information, and have the capability to identify insiders, often the main cause of cyber security breaches, whether intentionally or inadvertently.
StaffCop Addresses Activity Monitoring, Threat Detection, Data Loss Prevention Needs with a Single Unified Solution
StaffCop is designed to assist the financial sector address data loss, cybersecurity and insider threats with its user activity monitoring, insider threat detection and data loss prevention solution. With StaffCop, financial services organizations can implement effective endpoint monitoring to ensure adherence to regulatory compliance when it comes to protecting sensitive financial and personal data. Here are a few examples of what a financial services organization can achieve with StaffCop:
Real-Time User Activity Monitoring: provides granular visibility across your team, departments and vendors 24/7.
Endpoint Data Loss Prevention: secures sensitive data residing in Point-of-sale (POS) systems, back-office workstations, shared over the network or on the Cloud.
Risk-Based Insider Threat Prevention: thwarts any sabotage, collusion or other malicious intent by employees and privileged users.
Auto discovery of card number data
Built-in templates for card numbers developed with the implementation of Luhn algorithm. ‘On the fly’ content discovery with advanced OCR and digital fingerprinting.
Protect Your Business from Data Breaches
Real-time user activity monitoring prevents accidental or malicious insider threats and data breaches. Enforce classified financial data rules for websites, apps, emails, social media etc.Automatically warn if unauthorized access is detected.
Implement Solid Access control
Apply Identity authentication and segregated access levels to minimize data compromises. Restrict transfers of cardholder data on local, network, Cloud and external storage. Enforce data encryption at rest and on transit rules.
Protect Your Retail Operations from Insider and 3rd-Party Threats
Restrict privileged users access to cardholder/transaction servers and databases. Monitor third party vendors, contractors and consultants who have access to your critical systems to prevent sabotage or data theft.
Comply with PCI DSS, GLBA, SOX, GDPR and Others
Report on Compliance (ROC) with Digital Forensics and Audit. Session recording and immutable log keep track of all user activity related to cardholder data. Detailed reports of all data breach incidents, rule violations and what actions were taken. Flexible Policy & Rules Editor allows for creation of new rules for the evolving compliance landscape.
Improve Loss Detection and Response Time with Security Orchestration
Integrate StaffCop with Intrusion Detection/Prevention Systems (IDS/ IPS), Access Control, Threat Analytics and SIEM systems. Create a cyber security perimeter across your stores, supply chain network and corporate offices. Share threat intelligence and coordinate response with analysts, CSO, MSSP and security teams.
Financial Services is One of the Most Vulnerable Industries from Both Internal and External Threats
Retail is a prime cyber crime target, especially in the u.s.
A 2018 study found, three quarters (75%) of U.S. retail have been breached at least once in the past, ahead of 60% for Global retail. Source: Thales.
75% of U.S. Retail was Breached at Least Once in the Past
Data breaches affect customer loyalty significantly
A global survey of 10,000+ people found, If a company suffered a data breach, 70% of consumers would stop doing business with it. Source: Gemalto.
70% of Consumers Would Abandon a Breached Business
E-commerce sites are used by hackers using stolen data
A recent report showed that 80-90% of the people who log in to a retailer's e-commerce site are hackers using stolen data. Source: Shape Security / Business Insider.
80%+ of E-commerce Site Users are Hackers in Disguise
Card fraud losses will affect banks and merchants
According to a report, card fraud losses by banks and merchants worldwide are expected to rise to $32.82 billion by by the end of 2019. Source: Nilson.
$32B+ Estimated Global Card Fraud Losses by 2019
StaffCop Helps Energy & Utilities Companies Protect Sensitive Data
Brick & mortar stores
– Personally Identifiable Information (PII): name, address, social security number, date of birth, driver's license etc.
– Payment Card Industry Data Security Standard (PCI DSS) i.e. cardholder data, CC no., debit card no. – Supplier/vendor contracts.
Online retailers / ecommerce
– Customer data – PII + PCI.
– User preferences and buying patterns.
– Business processes.
– Session logs, site cookies, customer credentials, support pin, black/white listed IPs, public keys etc.
– Saved shopping buckets, promotion, discount and loyalty codes.
– Business processes and strategic plans.
– Price/cost/supplier/customer lists.
– Source code, formulas, patents and other type of IPs.
– Acquisition plans, M&A announcements, legal documents and other confidential matters.
– Payroll, accounting and financial data.
– Billing/invoice, tax/VAT, GST/HST, enrollment and payment related data. – GDPR special data categories (trade union data, biometric, geo location). – For Official Use Only (FOUO), Confidential and Protected file tags.Federal – Tax Information (FTI), Covered Financial Information (GLBA) etc.
Real-Time Visibility and Control
StaffCop visually records every action that a user makes on your Operation Technology (OT) and IT systems including endpoints, servers/terminal servers, network and cloud: web, apps, email, file transfers, etc. Uncover what your employees are up to both online and offline. Each object can be configured to take into consideration what needs to be monitored and who has access to the monitored records. You can specify who you want to monitor, how much you want to monitor, when and for how long. This allows for instant administrative oversight in respect to all user activity while complying with any privacy requirements.
Automated Data Discovery and Classification
StaffCop has built-in templates for many classified and unclassified data types to protect your customer data, IP and other sensitive information. Custom data types easily be created using flexible regular expression (RegEx) and natural language definitions. Combine OCR and fingerprinting with multiple logic, file origin, file properties and data content to discover and protect confidential exploration and production data, engineering and technical design, source codes, contract etc.
Powerful Policies and Rules Engine
The core of the StaffCop platform is its automation. StaffCop comes with hundreds of pre-defined policies and rules. For example: track e-mails outside the corporate network, stop uploading of a confidential document, detect screen capture, prevent the use of external drives etc. The templates cover virtually every use case of data loss prevention, insider threat detection and compliance requirements. Just pick a policy or rule template and all the data definition, content source, condition will be set automatically for you to edit.
Endpoint Data Loss Prevention & Egress Control
StaffCop helps you put exfiltration and egress controls in place to monitor and prevent illicit sharing of information. For example, File Transfer rules to block use of removable media. Or use dedicated Application rules to limit or completely disable social media and IMs to prevent potential data leak by social engineering. There are hundreds of use cases where StaffCop can proactively defend your data from malicious or accidental leaks or misuse
Behavioral Anomaly Detection
Define what constitutes dangerous or harmful user behavior and StaffCop’s sophisticated anomaly engine will automatically detect when a user, department or group deviates from their normal parameters or exceeds acceptable risk levels. For example, see if a user sends too many attachments or prints more pages than normal. StaffCop can detect anomalies in applications, emails, network, file activities, printing and more. Immediately get notified about harmful user activity, lock out user or take remote control of the compromised system before any malicious or fraudulent attempts are made.
Privileged User and Third-Party Monitoring
StaffCop allows organizations to create profiles for privileged users, contractors and other third-parties and then define what information and system resources each profile can access. Further rules can be set up by behavior policies so that access to sensitive information is segregated by the organization’s security policy. Rules can also be created to notify the authorities of any suspicious privileged user activity, such as unauthorized changes to system configuration, creation of backdoor accounts, unscheduled logins, a contractor trying to access restricted databases etc.
Risk Assessment and Treatment
StaffCop has a dedicated Risk dashboard where the CSO and security analysts can conduct organization-wide risk assessment. Risk can be profiled by users, departments or by system objects. Reports can be derived by severity of risks or by how many times security violations occurred.
Digital Forensics and Auditing
Detailed alerts for all users can be viewed including any security incidents and what actions were taken. Warning messages can be configured to inform the users about nonconformity and influence corrective behavior. Session recordings and history playback can be used to view user’s desktop for audit and evidence gathering purposes
StaffCop comes with support for implementing compliance and standards like NERC CIP Standards for Electric Utilities, FISMA, FERC, ISO 27001, GDPR etc. Our flexible Policy and Rules Editor and powerful analytics and reporting features can help you develop your own organization-specific security and privacy, etiquette and acceptable use policies or conform with any regional data privacy and notification laws applicable to your organization.
Need a More Comprehensive Solution?
Receive the required data “on the fly”. Search by keywords and regular expressions. Record sound from microphones to hear what was happening at the moment of interest.