DLP: REDUCED RISK OF LEAKAGE OF CONFIDENTIAL INFORMATION OF THE BANK
Research application of DLP-system for protection of confidential information, a methodology for adapting the DLP-system to the specific activities of the organization, comparative analysis of the results of standard and adapted DLP-systems in the Bank. Developed: a technique for analyzing informati...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Belarusian National Technical University
2017-11-01
|
| Series: | Системный анализ и прикладная информатика |
| Subjects: | |
| Online Access: | https://sapi.bntu.by/jour/article/view/179 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1832557375508185088 |
|---|---|
| author | T. A. Andryianava S. B. Salomatin |
| author_facet | T. A. Andryianava S. B. Salomatin |
| author_sort | T. A. Andryianava |
| collection | DOAJ |
| description | Research application of DLP-system for protection of confidential information, a methodology for adapting the DLP-system to the specific activities of the organization, comparative analysis of the results of standard and adapted DLP-systems in the Bank. Developed: a technique for analyzing information security events, algorithm for responding to identified events, methodology and procedures for adapting the standard DLP-system to the specifics of the Bank’s activities. The methodology for adapting a standard DLP-system to the specifics of the Bank’s work consists of the following activities: identification of critical corporate information categories, audit of information systems, description of current risks and their assessment, introduction of rules for Bank’s critical information and setting up a DLP system in accordance with the specifics of the Bank’s work. Modernization of the configuration of a standard DLP-system includes the following procedures: selection of confidential information of the Bank based on membership criteria, setting up detection, creating perimeters and developing an algorithm for responding to identified information security events in the Bank. The algorithm is designed to improve the efficiency of the response of information security officers in cases of incident detection and describes the stages of the subsequent actions. The results of the research prove that using an adapted DLP-system significantly reduces the number of false positives, increasing the accuracy of detecting confidential information and reducing the risk of leakage of critical information outside the corporate network. The application of the adapted DLP-system in the Bank allowed to increase the speed of response of information security specialists to the information security events detected by the DLP-system adapted to the Bank, and also allowed the DLP-system to transition from the copy mode to the blocking mode of illegitimate transfer of information. |
| format | Article |
| id | doaj-art-64f1e5e95d634aab90ff922305f0b7d2 |
| institution | Kabale University |
| issn | 2309-4923 2414-0481 |
| language | English |
| publishDate | 2017-11-01 |
| publisher | Belarusian National Technical University |
| record_format | Article |
| series | Системный анализ и прикладная информатика |
| spelling | doaj-art-64f1e5e95d634aab90ff922305f0b7d22025-02-03T05:16:50ZengBelarusian National Technical UniversityСистемный анализ и прикладная информатика2309-49232414-04812017-11-0103768210.21122/2309-4923-2017-3-76-82139DLP: REDUCED RISK OF LEAKAGE OF CONFIDENTIAL INFORMATION OF THE BANKT. A. Andryianava0S. B. Salomatin1Belarusian State University of Informatics and RadioelectronicsBelarusian State University of Informatics and RadioelectronicsResearch application of DLP-system for protection of confidential information, a methodology for adapting the DLP-system to the specific activities of the organization, comparative analysis of the results of standard and adapted DLP-systems in the Bank. Developed: a technique for analyzing information security events, algorithm for responding to identified events, methodology and procedures for adapting the standard DLP-system to the specifics of the Bank’s activities. The methodology for adapting a standard DLP-system to the specifics of the Bank’s work consists of the following activities: identification of critical corporate information categories, audit of information systems, description of current risks and their assessment, introduction of rules for Bank’s critical information and setting up a DLP system in accordance with the specifics of the Bank’s work. Modernization of the configuration of a standard DLP-system includes the following procedures: selection of confidential information of the Bank based on membership criteria, setting up detection, creating perimeters and developing an algorithm for responding to identified information security events in the Bank. The algorithm is designed to improve the efficiency of the response of information security officers in cases of incident detection and describes the stages of the subsequent actions. The results of the research prove that using an adapted DLP-system significantly reduces the number of false positives, increasing the accuracy of detecting confidential information and reducing the risk of leakage of critical information outside the corporate network. The application of the adapted DLP-system in the Bank allowed to increase the speed of response of information security specialists to the information security events detected by the DLP-system adapted to the Bank, and also allowed the DLP-system to transition from the copy mode to the blocking mode of illegitimate transfer of information.https://sapi.bntu.by/jour/article/view/179information securitydlp-systemmonitoring systeman information security eventleakage of confidential informationdetection of informationincident response algorithm |
| spellingShingle | T. A. Andryianava S. B. Salomatin DLP: REDUCED RISK OF LEAKAGE OF CONFIDENTIAL INFORMATION OF THE BANK Системный анализ и прикладная информатика information security dlp-system monitoring system an information security event leakage of confidential information detection of information incident response algorithm |
| title | DLP: REDUCED RISK OF LEAKAGE OF CONFIDENTIAL INFORMATION OF THE BANK |
| title_full | DLP: REDUCED RISK OF LEAKAGE OF CONFIDENTIAL INFORMATION OF THE BANK |
| title_fullStr | DLP: REDUCED RISK OF LEAKAGE OF CONFIDENTIAL INFORMATION OF THE BANK |
| title_full_unstemmed | DLP: REDUCED RISK OF LEAKAGE OF CONFIDENTIAL INFORMATION OF THE BANK |
| title_short | DLP: REDUCED RISK OF LEAKAGE OF CONFIDENTIAL INFORMATION OF THE BANK |
| title_sort | dlp reduced risk of leakage of confidential information of the bank |
| topic | information security dlp-system monitoring system an information security event leakage of confidential information detection of information incident response algorithm |
| url | https://sapi.bntu.by/jour/article/view/179 |
| work_keys_str_mv | AT taandryianava dlpreducedriskofleakageofconfidentialinformationofthebank AT sbsalomatin dlpreducedriskofleakageofconfidentialinformationofthebank |