While carrying out a basic internal security assessment and compliance audit within one of Europe's largest financial services organisations, the further investigation of some common non-compliant user activities uncovered a massive illegal trading ring, where a number of employees were circumventing internet filtering and security systems to download vast amount of pornography, pirated movies and unlicensed music for black-market distribution. This discovery was instrumental in developing new internal security.

Due to the multimillion dollar information theft scandal widely publicized by media, Dtex was identified and given the responsibility to provide the F1 team with a comprehensive analysis of its existing Group Information Security Policy (GISP). We were able to update the GISP to reflect current trends and legislature critical in securing an organisation, while maintaining the fine balance between employee privacy and internal security.

Weeks prior to the launch of the new ‘off-the-shelf’ product by one of South East Asia's largest pharmaceutical manufacturers, imitation products were already making their way onto the pharmacy shelves. A cover investigation carried out using SystemSkan revealed that dynamic research data was being targeted by a trusted employee, who was copying, renaming and uploading these files onto an FTP server where an authorised 3rd party was provided with daily updates. Interestingly, the company believed that they had prevented data leakage by disabling the use of USB drives and blocking webmail, while perpetrator was simply posting the data onto a disguised FTP site.

Having spent 2 years and more than $8Million developing maps for a specific country, the company's key intelectual property was compromised when a senior employee resigned, taking copies of the map and distributing them on the black market. In addition to this loss, the company suffered another major blow when it was sued by their key customer for breach of exclusivity. Shortly after the incident, SystemSkan was implemented to track and control the access and distribution of sensitive data.