Secure handling of sensitive data for the Magistrate of the City of Ostrava

The City Council is an institution providing public administration services. The City Council is composed of the Mayor, Deputy Mayors, the Secretary of the City Council and employees assigned to the City Council.

Neither the IT department nor MMO's senior management had any visibility into how users were handling the company's sensitive data. Whether it was personal data, which is subject to GDPR, or other sensitive and internal information such as contracts, case files and the like. It was not possible to determine whether this information was leaving the company through commonly used communication channels such as email, web or IM, or by copying this information onto USB devices or printing documents.

Therefore, a need arose to address the control of users' work, both in terms of the use of the systems and the control of the company's sensitive information. This necessitated the creation of a classification scheme by which sensitive data would be evaluated and subsequently monitored or protected. Thus, the requirement for a system that would automatically evaluate the company's sensitive information and data as it is processed by users and be able to both monitor activities with this information and protect it from leakage from the company. Another requirement was the management of mobile devices, which the company's users use not only to make phone calls, but also for email communication, in which sensitive information is also present. The requirement was for a simple deployment of the data protection system and subsequent management. Emphasis was also placed on notification and reporting of incidents detected by the system. Of course, price and high technological level were also very important parameters.

MMO chose the DLP system from Safetica Technologies from the possible offers available on the market. The modules selected were Discovery, Protection, UEBA and Mobile. These four products best matched the requirements and together form a complete and fully integrated on-premise DLP system.

Safetica technology is the basis for three functions - auditing user work, protecting data from unwanted and unwanted leaks, and managing mobile devices.

The audit, or Discovery module, helps to detect problems in the company's operations. It provides a quick and comprehensive overview of all activities within the company. User behavior analysis reveals how employees work, print and use software. Discovery helps save operational costs and identify where waste can be reduced. For example, information is available on the use of expensive licenses, internet network utilization, time when computers are running idle, or an overview of color and excessive printing.

Safetica UEBA provides complete information on how much time employees spend on the web, social networks or work programs. Accurate statistics on individuals and comparisons within departments are available. In addition, in the event of suspicious activity and changes in behavior, alerts are generated immediately so the situation can be addressed without delay.

Information Leakage Protection - DLP introduces the Protection module. It is a solution to protect sensitive data such as customer databases, personal information, design drawings, financial data and more. It can prevent important documents from leaking out of the company. In addition, it allows you to perform a security audit, from which it is possible to find out what is happening inside your organization.

Based on the data classification, Safetica knows who is working with which document and according to the set reaction rules blocks the prohibited activity, informs the administrator or instructs the employee about the security directive. If a document leaves the company on a USB stick, for example, Safetica will force the device to be encrypted. So no one unauthorized can access sensitive content. Even if the device is lost or stolen.

As a complement, Safetica Mobile can be used to manage the company's mobile phones. Safetica Mobile provides basic MDM for both Android and IOS platforms. It then displays the status of each device in a central console. It is possible, not only to manage the device, but also to wipe the phone in the event of loss or theft, ensuring the protection of the information stored on the device.