Advisory Financial Services Client Story

Verifying Internal Access and Control Configurations to Prevent Data Loss

Data loss as a result of privilege misuse is a frequent security incident across all companies. A financial services Client wanted to ensure that their internal access and control configurations were appropriate. Our Client also required validation that their data loss prevention tools were optimally configured.

USA
Financial Services

Practice Areas
  • Configuration Review


Our Client’s Challenge:

  • Account privilege misuse is one of the most frequent security incidents experienced by organizations across all industries. Irrespective of whether data loss is intentional or accidental, employees will always need to have access to sensitive corporate data as a requirement to do their jobs.
  • Our Client wanted to verify that internal access controls and configuration for employees were implemented at an appropriate security level. Ensuring employees did not have over-privileged access to sensitive information, while balancing job needs was a big challenge.
  • The Client also wanted to ensure that their data loss prevention tools were optimally configured and that additional safeguards were in place to prevent permanent loss of critical data.

Our Approach:

  • Security Compass was provided access to the corporate environment as an employee would to review the level of access granted to applications, services and systems. Configuration of data loss prevention tools was also verified.
  • We worked with the Client to understand and review the default privileges for major roles in the organization and the reasons they were assigned. This helped us factor in business context for recommendations that would be provided as output for this engagement.

The Result:

  • Security Compass helped our Client confirm the effectiveness of their data loss prevention tools, optimizing configuration and reducing the risk of potentially sensitive data leaving the organization, without our Client’s knowledge.
  • We were able to verify that account permissions and privileged access to documents were appropriate for our Client’s employees to carry out their jobs effectively, while protecting sensitive corporate data across the organization.
Our Client was able to confirm the effectiveness of data loss prevention tools, optimize configuration, verify that account permissions were appropriate, and minimize the risk of sensitive data leaving the organization without the Client’s knowledge.

Back to Client Stories

Contact Us

You’re different, and we know it.

We are your guide to planning, assessing, and helping you build secure information systems to keep your business productive.

Contact us to find out how we can help you.

 
Mostly
Some of
 
(Choose One)
(All that apply)
Web Search
Online Ad
White Paper
Analyst Report
Trade Show
Worked With Us Elsewhere
Referral
Other

Security Compass Logo