Data Loss Prevention Case Studies

DeviceLock DLP protects HEINEKEN Breweries from confidential information leaks

HEINEKEN Breweries LLC is a a subsidiary of HEINEKEN N.V., a leading international brewing company, which has been operating in the Russian market since February 2002 when it acquired its first brewery in Saint Petersburg. Today, the company owns eight breweries and has several sales offices located in different regions.

All HEINEKEN offices in Russia are combined into a single Multiprotocol Label Switching or MPLS network. Every year, the HEINEKEN IT team from their Amsterdam headquarters conducts annual information security audits of HEINEKEN Breweries LLC to verify its compliance with corporate global information security policies.

Among its many directives, these policies require protection against confidential information leakage. In order to fulfill the data security requirements of the corporate policy, as well as achieving compliance with the Russian Federal Law 152-FZ "On Personal Data", information security specialists of HEINEKEN Breweries LLC reviewed a number of solutions to solve the problem of controlling user access to peripheral data storage and transmission devices.

Sergey Potochkin, Information Security Manager at HEINEKEN Breweries LLC, explains: The design of our infrastructure requires that the port and device control system should be based on local enforcement agents installed on our corporate computers. At the time when such a system was specified in 2010, DeviceLock Endpoint DLP was selected as the optimal solution for our company.

In addition, NetworkLock another component of the DeviceLock DLP solution is used by HEINEKEN Breweries LLC for preventing data leaks through emails, instant messengers, file sharing services and other network communications. An important factor for choosing NetworkLock was the architectural advantage of DeviceLock its ability to control data transfers through both network channels and locally attached peripheral devices with a single DLP agent installed on each protected computer. Information security specialists of the company are also considering the option of using the content filtering modules supported in DeviceLock DLP.

The deployment of our DeviceLock-based DLP system was performed in-house by using Microsoft SCCM for agent installations and then distributing DLP policy settings through Group Policies of the Active Directory domain. Today, we are using the combination of DeviceLock and NetworkLock, whose audit log and shadow file data are automatically collected to a single management server. As a result, we have reliable controls over information access and transfer in the corporate IT system with the ability to prevent data breaches and investigate incidents related to confidential information leakage, Mr. Potochkin explained.

About DeviceLock, Inc.
Established in 1996, DeviceLock, Inc. provides device control and endpoint data leak prevention software solutions to businesses of all sizes and industries. Protecting more than 7 million computers in more than 70,000 organizations worldwide, DeviceLock has a vast range of corporate customers including financial institutions, state and federal government agencies, classified military networks, healthcare providers, telecommunications companies and educational institutions. Based in San Ramon, California, DeviceLock, Inc. is an international organization with offices in London (United Kingdom), Ratingen (Germany), Milan (Italy), Vancouver (Canada) and Moscow (Russia).