IC "Trend" protects insider information with "SearchInform CIB"

2022: Implementation of "SearchInform CIB"

The investment company Trend has completed the implementation of the DLP-system SearchInform CIB to protect against information leaks. The decision helps the organization fulfill the requirements of the Central Bank of the Russian Federation for the protection of insider information: it provides control over the movement of confidential documents and suppresses fraud attempts. This was announced by SearchInform (SörchInform) on May 19, 2022.

We analyzed the market for DLP systems and chose one foreign and top 3 popular Russian DLP for tests. We stopped at CIB because we liked the architecture: unlike competitors, here the whole analytics is in one place, you don't need to go to different consoles to get detailed information on incidents. The system is easy to administer, such as configuring backups to avoid losing data. In addition, CIB supports many different OS - we have a mixed IT infrastructure, and full-fledged Linux control was especially important, "said Mikhail Sazonov, director of information security at Trend IC. - With adaptation helped the department of implementation - very interpretative specialists, set us up the system so that from a scattered mosaic it is possible to get a complete picture of what is happening in the company. As a result, the IB department has before its eyes all the data about incidents: who, what, where and when did, what and how led to this, and we can quickly respond to changes in the IT infrastructure and user behavior.

In the company, CIB controls employee computers, as well as virtual machines that work with contractors. The main task is to protect the IT infrastructure from unauthorized access by internal and external users, theft and attempts to change data. Therefore, the focus of DLP is all information systems, databases, insider information, personal customer data.

SearchInforms CIB collects and analyzes a lot of additional information about data movement and user activity. This helps to identify not only internal, but also external attacks, and eliminate risky user errors. For example, already during the testing of CIB in IC "Trend" found employees who accidentally transferred department data to PCs outside the protected perimeter of storing confidential information. This violated the regulations, threatened sanctions from the regulator and created a potential leakage channel. Due to a notification from the DLP system, the violation was fixed in time.

IC "Trend" especially notes the capabilities of the solution for controlling the keyboard and monitors of users, including in online mode, as well as the integration with the automated profiling system - "SoundInform ProfileCenter" special in the DLP market. Together, solutions provide control not only over the activity of staff and counterparties, but also over their psychological characteristics: stress levels, burnout, potential criminal trends.