
DLP: REDUCED RISK OF LEAKAGE OF CONFIDENTIAL INFORMATION OF THE BANK

https://doi.org/10.21122/2309-4923-2017-3-76-82

Abstract

The paper examines the application of a DLP system for protecting confidential information, a methodology for adapting the DLP system to the specific activities of an organization, and a comparative analysis of the results of the standard and adapted DLP systems in the Bank. The following were developed: a technique for analyzing information security events, an algorithm for responding to identified events, and a methodology and procedures for adapting the standard DLP system to the specifics of the Bank’s activities. The methodology for adapting a standard DLP system to the specifics of the Bank’s work consists of the following activities: identifying the categories of critical corporate information, auditing information systems, describing and assessing current risks, introducing rules for the Bank’s critical information, and setting up the DLP system in accordance with the specifics of the Bank’s work. Modernizing the configuration of a standard DLP system includes the following procedures: selecting the Bank’s confidential information based on membership criteria, setting up detection, creating perimeters, and developing an algorithm for responding to identified information security events in the Bank. The algorithm is designed to make the response of information security officers more efficient when an incident is detected, and it describes the stages of the subsequent actions. The results of the research show that using an adapted DLP system significantly reduces the number of false positives, increasing the accuracy of detecting confidential information and reducing the risk of leakage of critical information outside the corporate network. Applying the adapted DLP system in the Bank increased the speed with which information security specialists respond to the information security events it detects, and also allowed the DLP system to be switched from copy mode to a mode that blocks illegitimate transfer of information.

About the Authors

T. A. Andryianava
Belarusian State University of Informatics and Radioelectronics
Belarus
Post-graduate


S. B. Salomatin
Belarusian State University of Informatics and Radioelectronics
Belarus

Associate Professor, PhD in Engineering





For citations:


Andryianava T.A., Salomatin S.B. DLP: REDUCED RISK OF LEAKAGE OF CONFIDENTIAL INFORMATION OF THE BANK. «System analysis and applied information science». 2017;(3):76-82. (In Russ.) https://doi.org/10.21122/2309-4923-2017-3-76-82



This work is licensed under a Creative Commons Attribution 4.0 License.


ISSN 2309-4923 (Print)
ISSN 2414-0481 (Online)