The greatest threat to business in Sub-Sahara today is the employees, research findings released by international research and data firm SNG Thornton, show. Employees, who are often underpaid, overworked and undervalued are the fault-lines through which businesses and companies make losses in the form of money, data or squandered man-hours.
The SNG Grant Thornton’s Sub-Saharan Fraud survey published on Tuesday April 13 found that 60 per cent of respondents say employees are currently the biggest threat to businesses when it comes to fraud, with 77 per cent others predicting an increase in incidence this year.
The survey advises companies to address staff concerns and fears to “safeguard their businesses from internal fraud, especially in light of employees working from home as a result of Covid-19, with this trend set to continue throughout the pandemic and beyond.”
Against this backdrop, Zecurion, a vendor of the Next Generation Data Loss Prevention (DLP), has released a new version of its foremost solution, Zecurion DLP 11, to help companies to troubleshoot.
This introduces a new level of effective detection of internal fraud and risk-based data loss prevention in the context of massive remote work. The solution includes several brand-new modules: Staff Control, Screen Photo Detector, Incident Workflow Automation and risk-based User Behaviour Analytics (UBA).
“Our aim is to understand the processes behind employee fraud and abuse, insider threats and human mistakes. We then investigate solutions to combat this,” says Alexey Raevsky, the chief executive and co-founder of Zecurion. “As such, our new solution makes an impressive leap in DLP development.”
“Traditional systems protect communication channels and devices, preventing sensitive data from being sent outside the network perimeter,” explains Raevsky. “However, added to this we have included advanced control, analytic and intelligence capabilities to identify whether user behaviour is abnormal. This is done via the Next Generation DLP offering that essentially improves the internal security posture of organizations compared to classic DLP solutions.”
Raevsky outlines the top ways to mitigate employee fraud and how these are implemented using Next Generation DLP solutions.
The new version keeps track of employees through staff control module, which has been added as a separate module to Zecurion DLP 11. Staff Control solution records working hours via automatically generated timesheets, logs employees’ actions including the websites staff visit and applications that were run and evaluates employees’ efficiency.
The module checks the activities of personnel for compliance with corporate standards and safety policies. This is then reported in a table with fast filters, groups and data from up to tens of thousands of PCs.
“As employee fraud is expected to increase, it is vital for businesses to implement the necessary solutions to ensure their operations are protected in 2021 and beyond,” Raevsky explains.
The second module prevents employees from photographing their screens. This unique AI-based feature changes the game, stopping the insiders that were previously not being able to be caught. Now, whenever someone tries to photograph a screen with a smartphone, Zecurion DLP immediately detects it via webcam and blocks the computer.
The revolutionary technology uses two neural networks to ensure reliable smartphone detection and flags cybersecurity incidents in a blink of an eye (from 0.06 seconds).
The screen watermarks prevent data loss. To make this possible, the security officer can set watermarks with the name of a user, PC and date over certain windows (like MS Office, CRM and others). This feature effectively prevents data loss, as users can initially see the watermarks with their name and understand the aftermath.
The module is also fitted with Investigation Workflow Automation. According to Zecurion, the module simplifies investigations and shortens the incident response cycle. It minimises the cybersecurity team’s workload by providing a 360-degree view of actual tasks with all the statuses, data on the investigation stage, executants and deadlines.
During the investigation, cybersecurity team members can leave comments on the task and discuss progress with other participants (from CISO to analyst) as well as attach documents and incidents as proof.
After installation of Zecurion DLP 11, each employee undergoes behaviour analysis within, at least, one week. The solution collects data on various parameters: risks, behaviour profiles, work time and connections. UBA then compares current employees’ parameters with their average values. A sharp deviation may signal a potential threat to information security or indicate a compromise of user credentials.
The module also has the capacity to investigate and make connections between internal and external users. The improved, interactive user connection diagram is extremely helpful during investigations as it displays connections between internal users and external contacts.
In version 11 the security officer can customise it with a legend, quick filters, and display of up to 1,000 objects at a time.
It also analyses communications between two users. This integrative report simplifies the analysis of communications between two users by displaying all messages from different messengers (Skype, WhatsApp, Telegram, etc.) in one chat-like window. This window looks like your favourite messenger, allowing you to read all captured messages, files, listen to audio messages and calls from a single point.
- A Tell report