HelpSystems Logo

ANNOUNCEMENT: HelpSystems Acquires Leading Data Classification Providers to Bolster Security Business

Boldon James Logo White

Delivering A Change Of Security
Culture For DeltaCredit Bank

How Data Classification Enabled An 80% Reduction Of DLP False Positives

Customer: DeltaCredit Bank
Requirement: Data Classification To Protect Valuable Data
Solution: Boldon James Email, Office, File Classifier and SharePoint Classifier

DeltaCredit Bank is among the five largest banks in the Russian Federation in mortgage lending volumes and is owned by Société Générale, one of Europe’s leading banking and financial services groups. They are based in Moscow with 17 regional branches.

The Challenge

In common with many banks who operate at the heart of national financial systems, DeltaCredit face increasing challenges with risk, compliance and data protection. Without a data classification process, they found themselves treating all information equally, making incorrect risk assessments and underestimating or overestimating the value of information.

The Central Bank Of Russia requires Russian banks to have a data classification process, and DeltaCredit felt that implementing data classification software would achieve both compliance with this and other regulatory requirements, as well as giving them better visibility of what data they had and how to protect it. DeltaCredit identified that classification could not be successful as a one-off exercise just focused on specific applications or data sources but it needed to be continual and for all information they had; every file and email.

Supported by Boldon James’ Elite reseller, Adacom, DeltaCredit shortlisted two possible user-driven data classification tools. Whilst both products were able to provide a range of functionality, they selected Boldon James Classifier as it gave them the functionality they actually needed, at a more competitive price.

"The goal of this project was to implement a solution that can help to manage our data. We evaluated a few solutions and chose Boldon James as they were the best in both price and quality. With the implementation of Boldon James’s solution, our company has seen significant improvements to user awareness around the value of data. In combination with Data Loss Prevention systems, Boldon James has helped to reduce DLP false positives by over 80%.”

Alexey Lola
Chief Information Security Officer at DeltaCredit Bank

The Solution

The team initially ran a pilot project comprising 40 users, with representatives from different departments. With the data classification tool impacting every employee in the bank, they felt it was critical to get detailed feedback on how to best implement the solution and what rules to use for each functional area. The pilot was successfully completed within a month and Delta purchased Email, Office, File and SharePoint Classifier for use across their business. Utilising the flexible multilingual capability available within the Classifier Administration console, Delta Credit were also able to configure their policy in Russian.

Communication of the new process was identified as a priority and the team considered doing face-to-face training. As they felt that both their policy and Classifier were simple to understand, they chose instead to communicate changes by email, reminding users about the policy and providing details on which classifications levels to choose. Within the first four weeks, they were able to easily change the rules, altering notifications in response to feedback and tailoring implementation to the needs of the users to make life easier for them.

One of the greatest concerns was that the users wouldn’t like it and that it would have to be mandated, but in fact the DeltaCredit users treated classification as a game, surprising the ISO team with how positively it was accepted. During the phased implementation those users who did not yet have the tool were curious about others using it and requested it too. The software was implemented in just one week without the need for any specialist consultancy, skills or knowledge. “Once you’re done with the rules, you’re good to go, it doesn’t need a lot of attention, and it can just run. It’s very easy to maintain and we didn’t need a lot of specific knowledge or training” said Alexey Lola, Chief Information Security Officer.

The ISO team say they knew the project had been successful when they could see users were using the software and policy appropriately, and not simply using the default classification all the time. The team report a transformation of culture in relation to IT security, where classification is now automatic for the users and has become part of their normal daily routine. Alexey Lola continues “Classifier is not just about protection of the information – it’s there to change the security culture in the organisation as it affects every employee in your organisation.”

Classifier has also been integrated with DeltaCredit’s existing Data Loss Prevention (DLP) solution provided by InfoWatch, giving predictable and meaningful metadata that greatly improves the performance and reliability of the DLP decision-making logic. The combination of Classifier metadata and DLP has reduced false positives by over 80%, from around 150 events per day to 30-35 per day.

Conclusion

With the implementation of Boldon James Classifier, DeltaCredit Bank has seen significant improvements in security culture and user awareness around the value of data. In combination with Data Loss Prevention systems, Boldon James has helped to mitigate many data leakage risks, reduce false positives by over 80% and change the IT Security culture across the entire organisation.

Case Study 

Download the Forcepoint & Boldon James Solution Paper - Enhancing DLP with Classification.

Contact Sales

Gartner Peer Insights

"Great product for user awareness"

Very good customer support for implementation and operations. The product is great for improving user awareness of data classification.

IT Project Manager in the Finance Industry

Why choose
Boldon James

With unrivalled customer service and best-of-breed data protection and governance solutions,
we are helping many of the world’s most successful organisations take control of their business data.
Everyday, our customers enjoy more effective, secure and streamlined operations -
protecting their business critical information and reducing risk.

Cloud Computing Icon

We integrate with powerful data security and governance ecosystems.

Shield Icon

We protect business critical data, improve data control and reduce risk.

Analytics Icon

We deliver improved and streamlined business performance.

Hand Icon

We are a “safe pair of hands” that constantly deliver success.