October 31st, 2022 - New York - The data handled by financial companies is of great interest to the cyber-criminals due to its value. Companies in the financial industry are frequent targets of cyber-crimes like data breaches, frauds, data loss, hacking, malware, other cyber-attacks. Regardless of the size or operations protocol, approx. 91% financial companies feel the risks of cyber-attacks in various forms. In the recent past, end user is becoming a prime vector for data loss.
The possibility of end user becoming a liability is increasing with the use of flexibility and remote working options.
As we are aware, the results of data loss or data theft are heavy compensations, financial loss (both customer and company), damage to shares, reputational damage, revoking of customer trust, potential civil or criminal lawsuits, effect on productivity, etc. Below are the unseen challenges that questions current threat landscape!
- The PII or confidential data handled by users on their desktops or laptops when shared using screen sharing technologies
- Protection of digital intellectual property (DIP) such as applications, designs, patterns, etc., from unauthorized exposure
- When end users bypass existing endpoint protection mechanisms and disclose data to unauthorized individuals by various unmonitored technology means such as screensharing
- To meet ever changing global privacy requirements while protecting data
- Protecting information and business critical data from exposure to competitors via screensharing
- Amount of time and money while investigating data loss scenarios and frauds
Here are few detailed use cases
Use case #1 – Misuse of technology from an Unethical or fraudulent Associate/Contractor
Unskilled or unethical associate/contractor (subject) often uses external job support to get their job done, which requires the subject to provide full control of the endpoint remotely. Doing so they expose the critical organization’s data and information such as source code, credentials, marketing leads etc., to other individuals (external people) which not only goes unnoticed by existing endpoint data protection software but also violates the policies of the organization. PriNIST protects the data on the screen of the end user from any external source trying to connect to the endpoint – means, it is protected.
Use case #2 - Certain Zero-day Malware (State sponsored malware)?
The world is uncertain, governments are hiring cyber criminals to develop certain zero-day malwares specifically designed to steal data from government, private, public and critical infrastructure companies. Certain zero-day malware activates when a user opens targeted applications like outlook, teams, word, excel or any other application they may contain confidential information and take screenshots, record mini videos, and share to the malicious user via encrypted channels. PriNIST activates its intelligence and protects the applications from screenshots and video recording, even though if a malware or a malicious user takes a screenshot, they cannot see the protected application.
Use case #3 - Accidental data exposure while sharing the screen
During any screen sharing session the data on the screen is clearly visible to all participants. Sometimes a presenter tries to juggle between applications while actively screensharing, which can lead to leak of confidential data. PriNIST protects all the selected applications/software. It prevents any chances of data exposure from your end point screen.
Use case #4 - Outsourcing Data Leakage
To meet budgetary constraints, organizations opt for external support to manage their critical systems and end points. However, certain threats do arise such as exposure of critical data to support personal operating in various countries. For example, when a support person connects to a desktop or laptop (endpoint) to provide assistance, they will have access to all opened applications and can accidentally or intentionally (targeted) view critical data, the biggest threat is data being seen or captured across the world where various laws operate. There could be many controls that prevent, but when combined with effective technical control like PriNIST, the exposure of sensitive/confidential data is mitigated. PriNIST hides the protected applications from unwanted viewers.
Use case #5 - Espionage Scenarios
Actors supported/hired by government or competitor companies pose as employees or contractors. Such internal threats try to leak information via screen sharing applications from stealthy channels (web-based screen sharing application). The current Data Loss Preventions/End Point Protection tools are unfortunately unable to prevent such scenarios. Their acts are unnoticed and usually unknown till they are not caught in the act. This results in the loss a large amount of protected and sensitive information over the time. PriNIST as an on-screen protection software, protects your data in such scenarios by hiding the data in protected applications. The data cannot be shared over screen sharing applications or captured (screen shot) by the end point.
Use case #6 - Intellectual Property Leakage
Data streaming and screen sharing are one of the most commonly preferred means of presenting projects, models, blueprints, explanations, etc. without actually having to download or sharing the document or information to reduce the chances of data leaks. The end user screen can be recorded by the person on the other end of the network (other employees, contractors, partners, hackers) and this becomes the cause of intellectual property and sensitive data leakage. Let it be intentional or unintentional, from an employee or a contractor, the loss cannot be un-done. PriNIST protects the data present in the protected applications on the screen and enables you with tension free screen sharing.
What is PriNIST?
PriNIST is driven by Artificial Intelligence and Machine Learning to provide recommendations to protect data storing applications. It has easy to use interface with zero hinderance to the end point user, and enables immediate implementation of protection and control over exceptions. It is compliance friendly solution designed to support data segregation requirements which also provides detailed audit reports. Available options like On-premise and instance localization are exclusively to meet data localization requirements.
The list of compliances and regulations supported are: GDPR (EU), ADPR (Australia), PIPEDA (Canada), PDPA (Singapore), PCI DSS, POPI, NIST, LGPD, HIPAA, CCPA, ISO 27001, ISO 27701, HITRUST, SOX, GLBA, others.
Who owns PriNIST?
PriNIST is one of the flagship security products from COE Security LLC, an information security company.
For more details, visit: