The Central Bank of Russia (CBR) has recommended credit institutions conduct surveillance of employee internet activity in order to prevent information leaks. It's the first time the bank has touched on the problem of data leaks and how to tackle them.
The recommendation comes after an amendment to the 2010 CBR Standard for Information Security came into effect at the beginning of June, the RBC Daily reports.
In order to avoid losing valuable information banks will be allowed to use special surveillance software for data loss prevention (DLP), the Russian newspaper said. Once installed on employees’ computers and corporate servers, it will allow the company to oversee user activity and check browser histories.
The directive requires the archiving of e-mail, in order to help an investigation should there be a leak of information.
It also includes the use of secure network protocols when the data has to go outside the company.
The data loss prevention market in Russia is worth around $50 million, with almost $15 million coming from the financial sector, says Vsevolod Ivanov, the chief executive of Info Watch. The head of the Russian software security company sees the potential for DLP to quadruple its user base, or even grow fivefold within the 3 years following the introduction of the new standards.
Analysts Gartner forecasts DLP to be worth $830 million by the end of 2014, up a quarter compared to a year ago.
In 2013, 88 percent of all companies in the world faced at least one data leak, says the Check Point Security Report. To compare, in 2012 the number was only 53 percent, and the threat keeps growing, says Dmitry Titkov, major account manager for finance institutions at Check Point Software Technologies.