Global Law Firm Protects Client Data and IP

Corvil improves insider threat protection with user-centric network traffic analysis and behavioral anomaly detection

Download Now

About the Customer

Global Law Firm:

  • Provides legal services for multinationals and high-profile technology start-ups
  • More than 50% of FORTUNE 100® companies are clients
  • 7 of 10 top global technology brands are clients

Challenge

Managing the Risk of Insider Activities Circumventing Data Protection Controls and Compromising Client Data

The firm recognized the need to strengthen their security operations, as a whole, to protect and strengthen client relationships, particularly in the wake of successful ransomware infections and high-profile data breaches experienced by other law firms. While the firm had strong data protection and data privacy controls for collaboration, process automation and storage technologies, it sought to extend its security operations to address:

  • Insufficient visibility into compromised accounts and suspicious or careless user activities within the network
  • Limited insight to efficiently investigate the source and scope of security incidents

Solution

User-Centric Network Traffic Analysis for Anomaly and Threat Detection

Corvil enhanced the data protection fabric from the perimeter across the network and into the endpoint. Leveraging Corvil’s user-centric network traffic analysis with machine-learning, Corvil provided:

  • Intuitive visualization of anomalous user activity for fast triage
  • Detailed tracking of user activities and digital operations correlated with host activities
  • Automated network traffic analysis and context gathering to expand and accelerate breach detection
  • Simplified workflow to track attack indicators associated with any user to simplify forensic investigation
  • Daily business-level updates on cybersecurity risks
  • Single-click actions for file extraction, threat analysis, impact assessment, and response
  • Integrated alerts and workflows with Splunk to enable adaptive response

Additionally, Corvil provided proactive health monitoring of access control infrastructure, such as domain controllers, to ensure that additional security measures were not impacting application performance or user experience.

RESULTS

Improved Control Over Client Experience

Scope of insider threat detection
Data protection through user activity
Staff productivity
Mean time to detect and respond
Alert fatigue by delivering
Complexity of auditing user activity trails for compliance
Security impact on performance and user experience