“GE Capital Australia and New Zealand achieved improved data leakage detection & protection capabilities through the use of ACL technology.”
Arnold Mendoza, IT Internal Audit Manager
GE Capital is a large global specialty firm and a full subsidiary of General Electric. GE Capital Australia and New Zealand is the fifth largest lender in Australia and New Zealand by assets under management. The company has 4,600 employees and a diverse portfolio of companies including GE Money, the former GE Commercial Finance, Pacific Premium Funding and Custom Fleet, plus financial partnerships with retailers such as Myer, Coles and Harvey Norman.
Data leakage risk represents a significant issue for consumers, companies and governments alike. Rapid technological changes and growing data volumes further complicate both internal and external exposure threats. GE Capital considers data leakage protection as an integral part of its business processes and regulatory compliance initiatives. The challenge, however, is to accurately capture, analyze and monitor data flows across varied systems, devices and geographical IT installations.
The Information Security Team at GE Capital Australia and New Zealand currently receives a number of large weekly log files from the security software program implemented by GE Capital headquarters. The team, however, could only perform a limited review of the data with manual analysis techniques and spreadsheet software. Other GE Capital sites around the globe face this same challenge. The Internal Audit department at GE Capital Australia and New Zealand suggested there could be a more efficient way to analyse the log files through data analytics.
Implementation and Planning
The Internal Audit team was already using ACL™ Desktop Edition to support business units including Compliance, Fraud, Risk and Finance. After collaborating with IT Information Security, the audit team created a pilot project to automate the security log analysis using ACL technology. The proof of concept stage required ACL analytics to identify data flow event keywords, highlight data copying by non-authorized users or exiting employees, pinpoint copied large files, and generate top daily and weekly users across several channel categories.
The project analyzed eight weeks worth of USB logs data and was deemed an unmitigated success. The ACL technology was immediately applied to analyze the security logs on a regular basis. Other IT security teams across GE Capital are considering similar solutions. The scripts developed for this proof of concept have been shared with and used by other Internal Audit teams within GE Capital. The Internal Audit team also conducted in-house ACL training for Information Security personnel to ensure they can independently maintain and improve the ACL analytics as needed.
GE Capital Australia and New Zealand has used ACL technology to:
ACL technology has significantly reduced the time and effort required to analyze the large security logs. The analytics generate daily and weekly exception reports to identify potential unauthorized and unusual data copying activity for deeper investigation.
With ACL audit analytics, GE Capital Australia and New Zealand has vastly improved its data leakage detection capabilities. The depth and quality of the security log analysis project has impressed management, lowered costs, and will continue to benefit the GE Capital customers who rely on the company to protect its information.
Based on the cost savings and efficiency that automated analysis has provided, further use of ACL for other information security enhancement initiatives is being considered.
Impact Award Winner
GE Capital Australia and New Zealand received the Most Innovative Use Award for the 2011 ACL Impact Awards.
Powered By DT Author Box
ACL Insider has all the latest on ACL news, updates from our thought leaders, or re-caps from industry events that you couldn’t attend. She’s always the first on the scene with the inside scoop and you can read all about it on the ACL Blog. We’d like to tell you more about her, but her identity remains a mystery…
Error: Twitter did not respond. Please wait a few minutes and refresh this page.
Sign up to receive email updates from ACL.