Data Loss Prevention
The client had massive amounts of protected data (PII / PHI) throughout the organization, which represented an unacceptable risk of data loss. They needed a solution that would enable them to identify the protected data within the enterprise and implement policies to prevent unauthorized access or exfiltration of that data.
How this Project works
Hale Consulting Solutions LLC was engaged on this effort to:
Implement a Data Loss Prevention (DLP) Solution
We worked with the client to implement a DLP agent and standardized rules and policies across the enterprise on all active workstations.
Implement an Unstructured Data Protection (UDP) Solution
We worked with the client to implement an Unstructured Data Protection (UDP) solution. This solution was used to inventory and categorize all the data stores across the organization.
Additionally, we worked with the client to develop policies and standardized rules for evaluating and alerting on improperly configured data store access and unauthorized exfiltration attempts.
Integrate Data Loss Prevention with Security Information and Event Management (SIEM)
All the logs, alerts and notifications generated by the DLP and UDP solutions were forwarded to, indexed and loaded into the enterprise Security Information and Event Management (SIEM) system. Additional reports and dashboards were developed within the SIEM to provide operational metrics and key performance indicators around the effectiveness and performance of these platforms.
Project Result & Benefits of Project
- DLP was deployed across over 160,000 workstations, reducing the effective risk of data exfiltration through these endpoints.
- UDP was deployed across over 20,000 servers, inventorying and categorizing over 12 Petabytes of data and reducing the effective risk of data exfiltration from these servers.
- UDP was utilized to identify almost 1 Petabyte of data that was beyond its retention period; that data was purged from storage.
“Companies spend millions of dollars on firewalls and secure access devices, and it’s money wasted because none of these measures address the weakest link in the security chain: the people who use, administer and operate computer systems.” - Kevin Mitnick