Airline
100,000+ employees
Global
Lightweight IRM with powerful behavioral analytics and executive-level reports that summarize organizational risk with actionable recommendations.
- Faster Remediation
- Simplified Investigations
- One-click Reporting
Company profile
A global airline with over 100,000 employees and an expanding ecosystem recognized the importance of building an insider risk program. Insider risks can be especially threatening to critical transportation operations, with malicious or careless employees able to compromise sensitive data, disrupt services, or cause irreparable damage to the global transportation network. Detecting both internal and external threats in real-time is essential for the airline industry, as any operational disruption can affect millions of travelers, and compromise public safety.
The need — performance and reporting
After struggling for years with existing insider risk management (IRM) performance issues including false positives and difficult reporting, the airline realized they needed to look for an alternative solution to meet their needs. And with the negatives outweighing the positives of their current technology, they decided to move on even prior to finding an immediate replacement because it wasn’t adding the expected value.
The airline IRM team wanted better visibility into risky activity, while also protecting their employee’s privacy and company culture. They needed to be able to pinpoint clear indicators of intent (IoCs) sooner like privilege escalation, data obfuscation, and data exfiltration. And the team needed to be able to act fast.
The solution — DTEX insider risk management
To meet these needs, the airline replaced their existing technology with the DTEX Platform. This brought together the capabilities of more effective user and entity behavior analytics (UEBA) and risk-adaptive DLP in a single, lightweight, cloud-native platform. The DTEX Platform delivers the context and intelligence to answer the Who, What, When, Where and How and successfully identifies the risks posed by users with “authorized” access to an organization’s resources in near-real-time, both on and off the corporate network.
DTEX detects the difference between normal, careless, and malicious behavior, quickly zeroing in on true threats. As a zero-impact solution, the DTEX Platform collects only 3-5 MB of data per user each day with low CPU usage and zero impact on employee efficiency or productivity and integrates well with the security ecosystem including SIEM.
The results — holistic insights for airlines with proactive IRM
By adopting the DTEX Platform as its insider risk management solution, the airline successfully addressed their performance issues and gained extensive visibility and valuable context around user behavior.
Benefits
- Faster Remediation: With the DTEX Platform’s ability to accelerate identification, risky behavior is identified much earlier in the insider threat kill chain before a data incident can occur.
- Simplified Investigations: DTEX’s intuitive dashboards and correlation capabilities simplified investigations, allowing analysts to make informed decisions more efficiently. Previously, investigations could take months, but with DTEX’s integration, this was reduced to a matter of days.
- One-click Reporting: DTEX reports provide concise insight into business risk, in plain language, and include recommendations to avoid data loss events. Available at an organization and user level, technical detail is summarized graphically for easy understanding, key takeaways, and or immediate action.
By adopting the DTEX Platform as its insider risk management solution, the airline successfully addressed their performance issues and gained extensive visibility and valuable context around user behavior.
Related Case Studies
Ready to Learn More?
For further insights on how the DTEX Platform secures critical infrastructure, request a demo.