Teramind for Financial Sector

Unified User Activity Monitoring, Insider Threat Prevention, Cyber Security and Compliance Management in a Single Solution

Teramind for Financial Services: Identify and Stop Insider Threats

The Financial Services industry is a prime target for attacks from both internal and external threats. The reasons are obvious: this industry handles what the criminals want most — money, intellectual property, trade secrets and personal information.

While outside threats to the financial industry are significant and many, the biggest source of threat comes from the inside. Furthermore, a majority of insider attacks are from “inadvertent actors”, such as employees who succumb to phishing attacks. There are also threats which might seem external but are actually insider threats in disguise. For example, a ’secure’ financial services company may expose itself to dangers when it gives access to its internal system to a fintech startup, who might have a weaker security system. As another example, banks continue to outsource many operations to third-party vendors for efficiency and cost savings. However, this opens up a new avenue of threats for both the banks and their customers.

In order to stay ahead of all these insider threats, financial services organizations need to widen their cybersecurity measures to include insider threat detection and data loss prevention solutions as part of their security toolbox while also enabling them to comply with security and data privacy regulations.

Teramind Combines Activity Monitoring, Threat Detection and Data Loss Prevention into a Single Integrated Solution

Teramind is designed to assist the financial sector address data loss, cybersecurity and insider threats with its user activity monitoring, insider threat detection and data loss prevention solution. With Teramind, financial services organizations can implement effective endpoint monitoring to ensure adherence to regulatory compliance when it comes to protecting sensitive financial and personal data. Here are a few examples of what a financial services organization can achieve with Teramind:

  • Automatically locate important data and detect when it’s at risk.
  • Stop data and IP theft, sabotage, fraud and other insider threats.
  • Detect insider trading by identifying when a user saw privileged information.
  • Restrict third-party access to confidential data.
  • Prevent document exfiltration over external drives, Cloud applications like Office 365, social media, email or file sharing sites like Dropbox, Google Drive.
  • Block execution of unauthorized applications to minimize scam, ransomware, malware or virus infection.
  • Stop data theft through printed or scanned documents.
  • Embargo on time sensitive information (i.e. M&A announcement).
  • Conform with regulatory compliance.
Teramind for Financial Services value diagram

Financial Services is One of the Most Vulnerable Industries from Both Internal and External Threats:

Financial Services has the Highest Cost of Cyber Crime
According to a 2017 report, cyber crimes in financial services companies have the highest annualized cost. Source: Accenture.


Average Annualized Cost of Cyber Crime

Majority of Cyber Attacks are Financially Motivated
A 2018 Breach Investigation Report found that 76 percent of cyber attacks are motivated by money. Source: Verizon.


of Cyber Attacks are Financially Motivated

Financial Services Firms are Attacked 300X More
A typical U.S. business is attacked 4 million times per year, in contrast, a U.S. financial services firm is attacked 1 bilion times per year. Source: Forbes.


is How Often a Typical U.S. FS Firm is Attacked

Inadvertent Users are One of the Main Reasons of Threats
53% of insider attacks comes from inadvertent actors. Financial services experienced the highest level of threat from inadvertent actors. Source: IBM.


Insider Attacks Come from Inadvertent Users

Sensitive Data Types Teramind Protects:

  • Personally Identifiable Information (PII) i.e. names, addresses, social security numbers, date of birth, driver's licenses, etc.
  • Payment Card Industry Data Security Standard (PCI DSS) i.e. cardholder data, CC numbers, CAV/pin, magnetic code, SWIFT/ABA/routing and other bank codes.
  • Customer master data, policy data, claims adjudication records, transaction and other data.
  • Protected Health Information (PHI).
  • Personally Identifiable Information (PII).
  • Payment Card Industry Data Security Standard (PCI DSS).
Financial Markets
  • Personally Identifiable Information (PII).
  • Payment Card Industry Data Security Standard (PCI DSS).
  • Intellectual Property (IP): Deal Management Information, Trading Algorithms, Financial Modeling, Code Snippets, IPO Plans, M&A Plans.
  • Central Counterparties (CPP), Electronic Trade Confirmation (ETC) and Central Securities Depositories (CSD) data.
And more...
  • Billing/invoice, tax/VAT, GST/HST, signup, enrollment and payment related data.
  • GDPR special data categories (Trade union data, Biometric data).
  • HIPAA health and clinical/EHR records.
  • Other classified and unclassified data type like: Controlled Technical Information (CTI), For Official Use Only (FOUO), Federal Tax Information (FTI), EAR/ITAR protected data, Covered Financial Information (GLBA) etc.

Teramind Helps You Comply With SEC Cybersecurity Guidelines:

The Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) provides Risk Alert containing observations and general guidance1 from OCIE’s examinations of registered broker-dealers, investment advisers, and investment companies.

Teramind platform allows financial services firms to implement critical cyber security policies and procedures:

Data Inventory
  • Detailed inventory of assets, information and users

Teramind helps you keep track of all users, endpoints and data repositories with its Monitoring Agent. Individual user session, files and network resources are tracked with 12+ system object monitoring features.

Cyber Security
  • Penetration testing
  • Security monitoring and audit
  • Access control
  • Reporting

Teramind’s Policy & Rules Editor lets you conduct mock tests and drills for threats like insider attacks, insider trading, sabotage etc. It comes with detailed alerts and reports for data leaks and breach incident investigation. In addition, Teramind lets you control access to sensitive resources and data by adhering to principle of least privilege (POLP).

  • Vulnerability scan
  • Patch management

Dynamic risk scoring and vulnerabilities scanning identify high risk users, failing policies and applications before they can cause damage.

Establish & Enforce Controls
  • Acceptable use policy
  • Third-party vendor activity log
  • Termination of access

Teramind lets you monitor and enforce security rules for external and privileged users like third party vendors, remote users and IT admins.

Mandatory Training
  • Employee education and training

Video recording of potential threat scenarios and other insights derived from the various reports and etiquette rules can be used to train new employees about information security best practices.

  • Engagement of senior management

Teramind’s Enterprise dashboard lets senior management and CSO stay on top of their organization’s security health with real-time threat reports, user activity KPIs and risk trends.

1Note: The guidelines were derived from SEC’s OCIE National Exam Program Risk Alert and should not be considered as a comprehensive list as indicated on the document.

Teramind Platform is Ready for Use by the Financial Sector:

Teramind products are designed to meet the strictest security standards required by banks, insurance, forex, investment brokers and other financial services companies. Here's a summary of how we deliver our promise of Security First to our customers:

Teramind is ISO 27001 certified - the highest international standard achieved in data security and privacy for our products and throughout every level of our organization.

We use certified Tier-3 data centers designed to handle mission critical applications and deliver excellent SLA and fault tolerance.

We have On-Premise and Private Cloud deployment options for additional security and compliance required for regulated industries.

We provide secure storage and access to your data including encryption at rest and encryption on transit, RBAC, transparent data retention and deletion scheme and more.

We conduct regular penetration testing to ensure our infrastructure security is up to date.

We have Information Security Management System (ISMS) and National Institute of Standards and Technology (NIST) Cybersecurity controls in place.

Our platform features multi-stage redundancy, high availability, auto-scaling, automated-backup, fast RTO/RPO and backed by premium support.

We have comprehensive security measures for network security, physical security and continuous mentoring of our own internal staff.

Check out this page or download the brochure for more information on Teramind’s platform security.

Teramind Delivers Security, Control and Compliance for Financial Services Organizations

Establish Organization-Wide Visibility and Control

Teramind visually records every action that a user makes for over 12 objects including screen, apps, websites, files, emails, etc. Uncover what your employees are up to both online and offline. Each object can be configured to take into consideration what needs to be monitored and who has access to the monitored records. You can specify who you want to monitor, how much you want to monitor, when and for how long. This allows for instant administrative oversight in respect to all user activity while complying with any privacy requirements.

Sensitive Data Discovery and Classification

Teramind has built-in templates for many classified and unclassified data types including Personally Identifiable Information (PII), Protected Health Information (PHI), Personal Financial Information (PFI), card holder data, banking codes etc. Custom data types specific to your organization can be easily created using regular expression (RegEx) and natural language definitions. Combine OCR and fingerprinting with multiple logic, file origin, file properties and data content to discover classified information in structured/unstructured data or even images ‘on the fly’.

Powerful Policies and Rules Engine

The core of the Teramind platform is its automation. Teramind comes with hundreds of pre-defined policies and rules. For example: block email containing sensitive keywords, stop uploading of a confidential document, detect screen capture, prevent use of external drives etc. The templates cover virtually every use case of data loss prevention, insider threat detection and compliance requirements. Just pick a policy or rule template and all the data definition, content source, condition will be set automatically for you to edit.

Data Loss Prevention & Egress Control

Teramind helps you put exfiltration and egress controls in place to prevent illicit sharing of information. For example, use the File Transfer rules to block external drives. Use Clipboard rules to prevent sharing of confidential information like customer data outside the CRM. Utilize Network rules to restrict download/ upload operations in the Cloud for certain file types or all files (no need for separate Cloud Access Security Brokers). Or use dedicated Social Media and IM rules to prevent potential data leak by social engineering. There are hundreds of use cases where Teramind can proactively defend your data from malicious or accidental leaks or misuse.

Behavioral Anomaly Detection

Define what constitutes dangerous or harmful user behavior and Teramind’s sophisticated anomaly engine will automatically detect when a user, department or group deviates from their normal parameters or exceeds acceptable risk levels. Teramind can detect anomalies in applications, emails, network, file activities, printing and more. Immediately get notified about harmful user activity, lock out user or take remote control of the compromised system before any malicious or fraudulent attempts are made.

Privileged User and Third-Party Monitoring

Teramind allows organizations to create profiles for privileged users, contractors and other third-parties and then define what information and system resources each profile can access. Further rules can be set up by behavior policies so that access to sensitive information is segregated by the organization’s security policy, or on a need-to-know basis. Rules can also be created to notify the authorities of any suspicious privileged user activity, such as unscheduled and/or unauthorized changes to system configuration, and creation of backdoor accounts.

Security Sandbox

Teramind allows you to create virtual servers on Windows, VMware Horizon etc. Utilizing this capability, you can for example, setup a Terminal Server for vendors, public facing or special interest groups. Users can then login to the server using RDP keeping out of your internal network and repositories. At the same time, you can record their activates separately, restrict access or take control of the server in case of an incident keeping rest of your business immune to disruption.

Digital Forensics and Auditing

Detailed alerts for all users can be viewed including any security incidents and what actions were taken. Warning messages can be configured to inform the users about nonconformity and influence corrective behavior. Session recordings and history playback can be used to view user’s desktop for audit and evidence gathering purposes.

Risk Assessment and Treatment

Teramind has a dedicated Risk dashboard where the CSO and security analysts can conduct organization-wide risk assessment. Risk can be profiled by users, departments or by system objects. Reports can be derived by severity of risks or by how many times security violations occurred. Unique Risk Scores helps you identify high-risk users or policies so that plans can be developed for treating the risks.

Unified Security Management

Event triggers and logs from Teramind can be sent to SIEM and other analytics tools like HP ArcSight, Splunk, IBM QRadar, McAfee Enterprise Security Manager, LogRhythm, NetIQ Sentinel etc. allowing you to share reports and threat intelligence with your security team or other departments. Teramind also has a set of RESTful APIs utilizing a simple token/endpoint framework that can be easily utilized by an application supporting web service connections.

Compliance Management for PCI DSS, SOX, FFIEC and More

Financial services organizations are required to follow strict regulatory, cybersecurity, administrative and privacy standards. Teramind has built-in support for many of these compliance regulations including PCI DSS, SOX, FFIEC, GDPR etc. You can also customize Teramind to support special compliance requirements unique to your organization with its powerful Policy & Rules Editor and various monitoring and reporting capabilities.

Flexible Deployment Options

On-premise - control the Teramind implementation in its entirety, stay off-cloud if that’s your firm’s operational model, leverage LDAP groups and users to identify which users and groups to apply which policies and rules to.

Teramind Private Cloud - use your own secure, scalable private cloud implementation including AWS, Google Cloud, Azure and more.

Teramind Cloud - trust us the management of the Teramind deployment and infrastructure. Only install Teramind Agents on the machines you want to monitor and set up your users, policies and rules and let us take care of the rest.

Teramind is Ranked #1 by:

And others.

Have a Look
Interested? Try it! take a guided tour