Companies are at risk when existing employees or contractors steal valuable IP or commercial information. Departing employees, who have yet to resign, have access to sensitive information or intellectual property. As part of their termination policy, our client (a leading technology services company), required that certain key employee laptops be analyzed prior to their exit interview. With limited resources available, however, our client only had the time and resources to review e-mails for the previous 30 days…too short a time to properly determine if there were any nefarious activities taking place.
Our client did have a keyword based DLP system in place to monitor for information theft. This system was very good at detecting Personally Identifiable Information (PII) such as social security numbers and credit card numbers. It performed poorly, however, when used to detect confidential information in email using keyword terms such as ‘Confidential’. It was discovered, that amongst the thousands of false positives that were reviewed per week, many emails contained the words ‘confidential’ in every email. While better rules were built, the false positive count remained high, with little idea as to what may have been missed.
Catelas filled the gaps left by the DLP system. Within minutes of deployment, the software automatically identified strange anomalous behavior patterns from certain call center agents.
As this data was uncovered, our client was able to see exactly which agents were emailing confidential client information to hidden webmail accounts.
Of the 500 call center agents at the company, Catelas identified the 6 person ring of employees involved in ‘high jacking clients’ accounts. It was later found out that the hackers were using highly advanced coding to avoid detection by the DLP system. Additionally, Catelas was able to provide the company with documentation that linked the perpetrators with their crimes.