Technology Company Fortune 500 Advanced Manufacturing
30,000 Employees and Contractors
Global Operations Including Americas, Europe, Asia Pacific and Japan
Enabling privacy-compliant workforce visibility with DTEX through pseudonymization and minimal data collection.
- Privacy-first monitoring
- Rapid global deployment
- Enterprise-scale visibility
Company profile
A global Fortune 500 technology company with approximately 30,000 employees and contractors operating across the Americas, Europe, Asia Pacific, and Japan.
The need
The customer required an insider risk management platform which could improve visibility of remote worker activity and limit workforce security risks, without compromising employee privacy.
A privacy-by-design approach was adopted to align with ENISA recommendations for Privacy and Data Protection by Design, incorporating a careful communication strategy with full transparency regarding the requirement for improved measurement of security risks and operational efficiency for the remote workforce.
DTEX delivered this project with a privacy-by-design approach to fulfill the following outcomes:
- Provide full visibility of global enterprise workforce activities while minimizing the collection of data and leveraging DTEX’s pseudonymization technique to ensure proportionate monitoring.
- Implement a GDPR and CCPA-compliant monitoring system to detect and mitigate insider threats while reducing the risks of remote working.
Vendor evaluation and global implementation
The customer shortlisted three insider risk management vendors for a proof-of-concept evaluation. All vendors were expected to demonstrate their capability in alignment with Privacy, Functional, Impact, and Scale requirements. Each solution was deployed to 250 user endpoints and 10 servers in production, where data collection was enabled for 30 days across all devices. The ability of each vendor to deliver on the mandatory requirements was documented by the customer in the table below, where the following taxonomy was applied:
1. Privacy Requirements
Matrix Key
| — Vendor capability not provided | ⭕ Vendor capability not satisfactory | ➕➕ Vendor capability satisfactory | ➕➕➕ Vendor capability exceeds |
| Mandatory requirements | Vendor 1 ProofPoint | Vendor 2 Forcepoint | Vendor 3 DTEX | Notable observations |
|---|---|---|---|---|
| GDPR & CCPA Compliant | ⭕ | ⭕ | ➕➕➕ | To meet the proportionality requirements of GDPR, Vendors 1 and 2 could only be deployed to targeted high risk business areas due to reliance on more intrusive capabilities as part of their core offering. |
| Privacy Impact Assessment | ➕➕ | ⭕ | ➕➕ | Vendors 1 and 3 were able to provide customer references where PIA’s were successfully completed. |
| Pseudonymization Capability | ⭕ | — | ➕➕ | Vendors 1 and 2 were unable to demonstrate capability beyond masking of data. Vendor 3 provided a tokenization/encryption capability which permitted legal/HR to be the administrators of the de-anonymization process. |
| Proportionality of Data Capture | ⭕ | ⭕ | ➕➕➕ | Vendors 1 and 2 rely on image capture and keystroke logging as core capability. |
| Works Council & Union Support | ⭕ | ⭕ | ➕➕➕ | Vendor 3 was able to provide clear support and evidence from Works Councils and Unions. |
2. Functional Requirements
| Mandatory requirements | Vendor 1 ProofPoint | Vendor 2 Forcepoint | Vendor 3 DTEX | Notable observations |
|---|---|---|---|---|
| Endpoint Metadata | ➕➕ | ⭕ | ➕➕➕ | Vendor 3 metadata had highest signal/noise ratio and the data-points captured is configurable. |
| Behavior Analysis | ⭕ | ➕➕ | ➕➕➕ | Behavior Analytics from Vendor 3 incorporates MITRE behavioral science research. |
| Risk Scoring | ➕➕ | ➕➕ | ➕➕➕ | Vendor 3 Risk Scoring models compatible with Splunk RBA and other SIEM and ITSM products. |
| Reports & Dashboards | ➕➕ | ⭕ | ➕➕ | Vendors 1 and 3 have automated reports which are easily configured. |
| Ease of Use | ➕➕➕ | ⭕ | ➕➕ | Vendor 2 requires significant professional services support. |
| Cloud-hosted and On-premise Support | ⭕ | — | ➕➕➕ | Vendor 1 unable to achieve feature-parity via cloud and on-premise. Vendor 2 does not support cloud. Vendor 3 with full feature parity of both cloud and on-premise products. |
3. Impact & Scale
| Mandatory requirements | Vendor 1 ProofPoint | Vendor 2 Forcepoint | Vendor 3 DTEX | Notable observations |
|---|---|---|---|---|
| Data Volume (Capture/Storage/Processing) | ➕➕ | ➕➕ | ➕➕➕ | Vendor 3 has significantly reduced data volumes. |
| Endpoint Footprint | ➕➕ | ⭕ | ➕➕ | Vendor 2 footprint on each endpoint deemed detrimental. |
| Endpoint Performance | ⭕ | ⭕ | ➕➕➕ | Vendor 2 impact to endpoint deemed detrimental. |
| Network Performance | ➕➕ | ➕➕ | ➕➕➕ | Vendor 3 impact to network unnoticeable. |
| Scalability | ⭕ | ➕➕ | ➕➕➕ | Vendor 3 able to scale beyond 500,000 endpoints with named references. |
The solution
As the chosen solution, the DTEX Platform deployed enterprise-wide to ~33,000 (Microsoft Windows and MacOS) user endpoints and 2,000 (Microsoft Windows and Linux) servers as a cloud-hosted implementation. Data sovereignty requirements have been delivered via regional AWS instances in the EU (Netherlands), and the United States.
The mandatory requirements list was further leveraged in communications with specific EU Works Councils to provide substantiation of due diligence when selecting a monitoring technology that followed data minimization and GDPR proportionality principles.
The results
The customer successfully implemented the DTEX Platform for proactively managing insider risks and providing visibility across its global workforce of 30,000 employees and contractors.
“We evaluated three solutions against 19 weighted success criteria, with endpoint performance and employee-privacy as absolute must-have capabilities. DTEX was the only solution that could meet the mandatory privacy and scale requirements that are mission-critical to our global operations.” — Chief Information Officer
Benefits
Key project outcomes and valuable insights at 32 months:
- Privacy-first monitoring: After shortlisting and evaluating three different insider risk management solutions, DTEX was the only vendor that could meet international privacy requirements and demonstrate capability at global enterprise scale.
- Rapid global deployment: DTEX’s privacy-by-design approach and patented pseudonymization technique enabled the DTEX Platform to be approved for deployment by Information Commissioners, Works Councils and Unions in all relevant operating countries, including USA, UK, Germany, Austria, India, China, Japan, Singapore, Brazil, and Australia.
- Enterprise-scale visibility: DTEX completed global deployment within seven months with cloud architecture fully supporting compliance with data-sovereignty requirements.
Related Case Studies
Ready to Learn More?
For further insights on how the DTEX Platform secures critical infrastructure, request a demo.