This is a real life story shared by a BLACKbox customer.
If you don’t want to read further, Check this video, https://youtu.be/PDP6kYO4TA8 it will save you from all reading efforts, sensitize you to such possible act in your enterprise, and of course, will entertain you.
Varun is hired by a competitor to get (read steal) confidential data on Project X, which is intellectual property of our customer. A strict Non Disclosure Agreement (NDA) is instrumented to create serious liability on our customer to keep this data secret and confidential.
Varun thinks that it’s just an easy job. He tries various means to steal confidential data listed as below, and fails.
A. He tries to take away data by USB drive on his desktop and realizes that BLACKbox has tight control and monitoring on USB usage. He fails to harm the enterprise.
B. He requests for full Internet access in disguise of research work with intention to upload data on personal cloud storage. He realizes that BLACKbox does extend full internet access for research work but isolates designated confidential data. He fails to harm the enterprise.
C. So, he gives excuse of heavy work load and asks permission to work on his personal laptop in office as well as at home. He realizes that data is installed on his laptop in professional mode and he can’t take it out through USB or internet. He fails to harm the enterprise
D. So, he tries to use his personal email to attach data to send out. He realizes that personal mail is not allowed in professional mode. He fails to harm the enterprise.
E. So, he plans to attach file through his enterprise email, but comes to know that his emails are being vigilled by his immediate supervisor.
F. Finally, he fructifies a brilliant idea, he submits a confidential report to his boss with BCC to competitor assuming, boss would not know who is in BCC. BLACKbox sends BCC report immediately to boss, halts email sent through BCC as per Information Security policy and he is caught. Again, He fails to harm the enterprise.
Finally, he is fired. BLACKboxhas all his screens captured of his computer activities as evidence. They are subjected to cyber-crime with indisputable evidences.
Please revert to this post if you know any other way to steal data from enterprise, I will be happy to give you the remedy.
Best Regards,
Vishal Shah
Founder and CEO,
Synersoft Technoloiges Pvt Ltd