The Challenge
- Protect large quantities of valuable data
- Address a range of security issues with a small team
- Effectively comply with GDPR guidelines
The Solution
- Proofpoint Insider Threat Management
The Results
- Successfully augmented a lean team by providing protection against insider threats
- Gained unparalleled visibility into user activity and data movement
- Met GDPR requirements with robust tools, without need for additional employees
The Challenge
Valuable data at risk
The recruitment industry has high turnover, and with employees moving frequently from organization to organization, data has a tendency to travel in unauthorized ways. This, combined with the vast amount of sensitive candidate and employment data in play, makes the industry a hotspot for data exfiltration and other forms of insider threat.
A lean organization
Your World Recruitment Group’s five-person IT department is tasked with a wide variety of responsibilities, from technology implementation and management to data security to GDPR compliance. It’s a lot for a small department to manage, and there was not much extra time leftover to actively monitor for insider threats. This is a common theme for many small and midsized recruitment agencies. And it can open them up to insider threat risk.
GDPR requirements
While recruitment is not beholden to many compliance regulations, they must adhere to GDPR regulations. This requires maintenance of confidentiality, secure data practices, detailed audit trails, and breach notifications. And this includes other rules that can be difficult to follow without robust tools.
The Solution
Your World Recruitment chose Proofpoint Insider Threat Management because the platform is easy to use, even without deep security training or a large team. And it identifies threats graded by severity without requiring lots of fine-tuning and hands-on alert management.
Safeguarding valuable data
With Proofpoint, the organization gained unparalleled visibility into user activity and data movement. The IT team can detect users who are attempting to exfiltrate data through removable media, such as USB drives and keyboard shortcuts, such as copy/paste or print jobs. And what used to take weeks to resolve has been reduced to one or two days.
Running a lean security organization
Now the small IT department is able to continuously monitor for suspicious behavior without needing to hire more people. And they can easily delegate responsibilities to outside the team. This helps them run a lean, yet effective, security program.
Meeting GDPR requirements with ease
Proofpoint also helps the organization meet a range of GDPR requirements without hiring more full-time employees. Now they can preserve data confidentiality, implement protective measures, and produce detailed audit trails.
The Results
Proofpoint has helped the organization identify and put a stop to several potential insider threats. These include:
- A user attempting to defraud the organization via falsified business expenses
- Users creating fake email accounts to impersonate candidates in an attempt to change bank details and ultimately steal money from the organization
- Rampant sharing of credentials, which could lead to intentional or accidental data leakage
Also, Proofpoint helps the team proactively reinforce their security policy via user reminders that pop up in apps. These include WhatsApp, email clients, and CRMs. And overall, Proofpoint has empowered Your World Recruitment Group to successfully manage their insider threat risk. And all without a massive overhead investment in security personnel and tools. Now the team is able to run lean while feeling confident in their ability to catch intentional and accidental threats, maintain GDPR compliance, and protect their business and reputation.