
IS security: prevention of sensitive information leaks
Our client, one of Europe’s biggest private banks, wanted to reduce the risk of sensitive data leaks (identities, financial transactions, etc.). Since such leaks are generally caused by malicious internal actions, the Head of IT Security (ISSM) wanted to identify all the sensitive data in the bank’s internal systems in order to protect it better.
Two questions arose:
- Where exactly is all the sensitive data held by the bank stored: on which databases/tables/columns, and in which files (especially Excel files and other lists spread across the internal network)?
- What types of sensitive data are involved?
Proposed solution
Our mass data discovery technology let us automatically scan:
- All relational databases
- Shared network drives: all directories and their subdirectories were scanned for Excel, CSV, XML and JSON files
- CRM and content management systems (e.g. SharePoint)
Each record in each table was analyzed for sensitive data: surname, first name, addresses, e-mails, phone numbers, bank account numbers, etc.
The results were compiled at field level (regardless of whether a database, Excel file or CSV list was involved). By the end of the scan we were able, for example, to say that file aaa.xlsx in directory x/y/z contains, in the 3rd field of the 2nd tab, N surnames.
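An added example of the field-level compilation described above, restricted to CSV input; it is not Tale of Data's code. The detectors (regexes plus the IBAN mod-97 checksum), the function names, and the sample path and rows are assumptions constructed for illustration.

```python
import csv, io, re
from collections import Counter, defaultdict

EMAIL = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")
IBAN = re.compile(r"^[A-Z]{2}\d{2}[A-Z0-9]{11,30}$")
PHONE = re.compile(r"^\+?\d[\d\s().-]{7,}\d$")

def is_iban(value):
    """Shape check plus the ISO 13616 mod-97 checksum, to cut false positives."""
    s = re.sub(r"\s+", "", value).upper()
    if not IBAN.match(s):
        return False
    # Move the first four characters to the end, map A..Z to 10..35, test mod 97.
    digits = "".join(str(int(c, 36)) for c in s[4:] + s[:4])
    return int(digits) % 97 == 1

DETECTORS = {  # order matters: the first detector that matches wins
    "iban": is_iban,
    "email": lambda v: bool(EMAIL.match(v)),
    "phone": lambda v: bool(PHONE.match(v)),
}

def classify(value):
    """Return the label of the first detector matching the whole cell, or None."""
    v = value.strip()
    return next((lab for lab, test in DETECTORS.items() if v and test(v)), None)

def scan_csv(path, text):
    """Return {(path, 1-based column index, header): Counter(label -> hits)}."""
    rows = csv.reader(io.StringIO(text))
    header = next(rows, [])
    report = defaultdict(Counter)
    for row in rows:
        for i, cell in enumerate(row):
            label = classify(cell)
            if label:
                name = header[i] if i < len(header) else ""
                report[(path, i + 1, name)][label] += 1
    return dict(report)

# Constructed sample data (not from the page); path and values are made up.
SAMPLE = """ref,contact,account,note
1,alice@example.com,GB82 WEST 1234 5698 7654 32,call +41 22 555 01 00
2,bob@example.org,DE89370400440532013000,+41 22 555 01 01
3,n/a,GB82WEST12345698765431,ok
"""
if __name__ == "__main__":
    for key, hits in scan_csv("x/y/z/aaa.csv", SAMPLE).items():
        print(key, dict(hits))
```

Cells are matched whole, so a phone number embedded in free text (row 1, `note`) is not counted, and the third account value is rejected because its checksum fails.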
Gains
The data scan (bottom-up approach) identified and located all sensitive data for the ISSM.
The resulting mapping has enabled security teams to greatly reduce the risk of data leakage:
- By tracking queries they used to think were insignificant (= any SQL query on any column in the sensitive columns list created through the mapping)
- By regularly checking access to network directories that they did not previously know contained lists of sensitive data
- By checking the effectiveness of anonymization procedures: cross-matching (= Tale of Data fuzzy matches) anonymized files with a list of known clients should not produce any matches
- By long-term monitoring of leakage risk through regular scans (up to several times a day). New lists may appear on the network for a few hours just before a leak.