In today’s fiercely competitive environment, keeping an organization’s crown jewels safe has become a C-level imperative. And it’s easy to see why: data is the lifeblood of every organization. What’s more, it’s what differentiates it from competitors. This is especially the case for services companies, which rely on scalability, speed and partnerships for their success.
In this blog post, we share insights from a global Fortune 500 services company about why they chose Proofpoint over Microsoft to protect their sensitive data from risky users.
A growing business brings increased risks
When the company first reached out to Proofpoint, it was facing several challenges that were driving its need to better protect its data.
For starters, it was experiencing strong demand and scaling rapidly in response. As a leader in business services, the company’s supplier contracts and business processes contain intellectual property that fuels its efficient service delivery model. Yet, as the business grew and became more complex, there was an increased risk for data loss and business disruption. The CISO knew this and wanted to be proactive about managing these risks.
The company also needed to address audit findings that were associated with data loss and, in doing so, improve its cybersecurity posture. The CISO knew he would need to implement a DLP program enabled by a solution that provided visibility across cloud, email and endpoints. However, he did not have the expertise to do this in-house—and worse, he didn’t know how to get started.
Data classification: myth vs. reality
A Microsoft E5 customer, the company initially reached out to the vendor for assistance. In response, Microsoft informed them that to accurately start protecting data, it would first need to classify and label all of its data. With terabytes and terabytes of data, the idea of classification quickly became a daunting task. And that wasn’t the only hurdle. The effort would also need to involve the legal team, which would need to agree to the classification process. This could further delay the project.
Aware of how long this could all take, the company consulted Proofpoint. We provided a different perspective and exposed the myth that all data needs to be classified before it can be protected.
With Proofpoint Enterprise Data Loss Prevention (DLP), you can start protecting your data on Day One; data does not need to be classified to be detected. Instead, DLP rules and detectors can identify sensitive data movement and risky behavior in real time and generate alerts. DLP analysts can correlate and triage alerts to determine the intent of the user and take the appropriate response. With this approach, the company could start benefiting from Proofpoint DLP instantly.
Immediate results with Proofpoint
The hosted proof of concept (POC) with Proofpoint lasted less than two weeks. During that time, the scale of risky behavior quickly became apparent. Thanks to the visibility provided by Proofpoint, the CISO and security team could see the risks in their environment right away. This was a stark contrast to the arduous task of classification, which the company had undertaken with Microsoft in parallel to the POC.
Several findings during the POC validated assumptions by the CISO. He had suspected that data was leaking from the company. However, this was the first time that he could see it happening. Proofpoint revealed that an HR employee was forwarding resumes and applications to their home computer. Based on the nature of the content, this was a clear violation of company policy, raising suspicion.
One of the POC’s most revealing data points was the high volume of alerts that were generated by users who were browsing generative AI (GenAI) websites. In addition, the POC uncovered six instances of potential cloud account compromises, which resulted in three files being abused post-compromise by an attacker. What’s more, 11 emails were sent to the wrong person, which had the potential to result in data loss.
|
Use Case |
DLP Channel |
POC Findings |
|
Data loss via GenAI sites |
Endpoint |
Over 700 alerts of users browsing to GenAI sites |
|
Account compromise |
Cloud |
6 suspicious logins and 3 abused files |
|
Email misdelivery |
|
11 misdirected emails |
Summary of POC findings.
Standing-up a DLP program
The CISO decided to invest in Proofpoint Enterprise DLP but was facing a dilemma: how would the solution be deployed and optimized going forward without any DLP expertise in house?
Proofpoint guided the company through the basics of how to start a successful DLP program. Most importantly, a DLP program goes beyond technology—it also includes processes and people. Proofpoint provided details about the deployment process, which includes:
- Identifying critical use cases
- Reviewing and refining policies
- Implementing business logic
As a result, the company chose to partner with Proofpoint Managed Information Protection, which provides a team of experts to optimize the DLP program on a continuous basis.
Why Proofpoint: value, visibility and expertise
The company chose Proofpoint over Microsoft because it met their business objectives. Namely, it wanted to scale at speed and decrease its risk at the same time by protecting its sensitive data. Here’s how the CISO summed up this decision:
“We chose Proofpoint [to help us stand-up a DLP program] because we feel like it’s the best value. Some people like to haggle on price to get the value. I prefer to go with the right solution and the right team that will help us be successful. That’s why I chose Proofpoint as our partner in this initiative.”
In short, the company chose Proofpoint because we offer:
- Quick time to value. The company could start protecting data on Day One during the short POC—it didn’t need to undertake a long, cumbersome classification project first.
- Visibility. The company suspected that its employees were engaging in risky behavior and violating corporate policy. We provided human-centric, cross-channel visibility so that its security team could take action.
- Proven expertise. Proofpoint Managed Information Protection helps optimize the company’s DLP program with a holistic approach to people, processes and technology through a combination of products and services.
Learn more
Read more about how Proofpoint can help you protect sensitive data and contain insider risks. Learn how our team of experts can help you accelerate your path to DLP maturity.