Israel’s First Mobile Phone Company Protects the Data of Millions of Subscribers with Forcepoint
Forcepoint DLP helps Pelephone strive for innovation and keep the personal information of 2.2 million consumer and commercial wireless customers secure.
Innovation drives Israeli mobile network company Pelephone, ever since its founding in 1986. As the first company in Israel to offer mobile phone services, Pelephone is literally a household name. The company has recently expanded into a number of digital markets, though its core business remains cellular communication services. In fact, it boasts the fastest mobile network in the country, serving over 2.2 million consumer and business subscribers. To keep this network thriving and customer data private, Pelephone has trusted Forcepoint DLP to protect its people and sensitive data for a decade. This deep experience with preventing data loss has transformed Pelephone into a champion for modernizing data security in Israel.
- Comply with national data security regulations for protecting personal data.
- Prevent data leaks that would damage the corporate reputation and violate the law.
- Protect increasingly remote workforce.
- Increase visibility and enable better corporate controls.
- Upgrade to the latest version of Forcepoint DLP.
- Stopped malicious and inadvertent exfiltration of customer data on multiple occasions.
- Established leadership in data protection among other Israeli companies.
- Positioned to be more proactive and ahead of data breaches while automating enforcement.
- Kept up with demand for innovation including getting ready for increased cloud adoption.
The power, convenience and ubiquity of the mobile phone has transformed how people live, work and play around the world. Nowhere is this more true than in Israel, where Pelephone has long been the country’s pioneer for connecting people with each other through telecommunications and digital services.
Pelephone employs about 2,600 employees serving more than 2.2 million subscribers including consumers, businesses and government customers. While a major part of its business remains the core cellular communications services, the company has also recently expanded into smart car services, digital books and online music catalog as part of its strategy to innovate continuously. As the company grew and more employees interacted with sensitive information, the need to safeguard its workforce and business-critical data compelled Pelephone to invest in Forcepoint DLP a decade ago. In recent years, Israeli Data Security Regulations imposed more stringent requirements for controlling, monitoring and recording access to personal data collected and maintained in databases. Every year, Pelephone had to level-up its data protection expertise to stay on top of national and corporate requirements.
“For ten years we’ve been a Forcepoint customer,” said Sesil Sela, Information Security Manager, Pelephone. “Information security is critical to our success. We’ve had to become experts in managing and protecting intellectual property and private customer data. Any data leak, regardless of whether it’s accidental or malicious, would damage our reputation and violate the law.”
Stopping data theft while freeing employees to do their jobs
With the massive amount of confidential information the company has accumulated, Sela and the Pelephone team have adopted strict controls. The cybersecurity team implemented very tight policy rules using Forcepoint DLP: only two employees are allowed to access and view personal data as the company takes consumer privacy extremely seriously. Sela has also added Incident Risk Ranking to automatically identify, group and stack rank issues that her small team need to address first. This will allow the two-member team to focus just on the most important alerts and ignore noncritical incidents. This fastidious attention to detail in security combined with Forcepoint DLP has enabled Pelephone to detect and stop several malicious insiders from stealing IP before it was too late, including an attempt to carry out customer account information in a backpack at 3 o’clock in the morning
Things changed quickly during the coronavirus pandemic, which forced Sela’s team to adjust its policies and controls on the fly. As more staff started working from home and connecting to cloud-based services on their own, the security team could fine tune Forcepoint data protection rules to both fit the need for the employees to access data from anywhere while providing better visibility 24/7 and enable more proactive alerts and controls.
“Forcepoint DLP gave us more visibility through alerts that showed employees emailing sensitive data to their personal accounts in order to do their work remotely,” recalled Sela. “This insight allowed us to share best practices and coach employees on how they could work better from home using the corporate tools they already had, like video conferencing for remote collaboration and communication, without having to circumvent our security policies.”
Leading on DLP
As Pelephone’s use of Forcepoint DLP matured over many years, other enterprises and government agencies in Israel took notice. Sela began fielding calls from security colleagues around the country, seeking her advice on their own adoption of advanced data security technologies and processes. She has also been invited to give presentations that share strategies and recommendations on DLP programs. Forcepoint Account Manager Michael Tamarin also works closely with Pelephone to ensure they are up to date, getting the most out of the system, and receiving invites to Forcepoint tech events and workshops.
“Our management team understands the value of DLP and our partnership with Forcepoint,” explained Sela. “We truly believe DLP is a critical business tool that helps companies avoid mistakes. What’s always been critical to our success is the engagement between managers and employees and helping each other understand how DLP is being used to support and drive our business.”
Proactively evolving cybersecurity with Forcepoint
As the telecommunications leader migrates some of its internal services to the cloud, security has been side-by-side with IT teams to evaluate and implement cloud apps and service providers.
The need for agility equally applies to data protection, as Sela believes Pelephone’s long-term strategy for DLP should center on more proactive, adaptive security. The company is currently considering options to upgrade its DLP to Dynamic User Protection, which would help the small security team focus more on the behavioral risk of users and enabling the business instead of on chasing incident alerts.
“Forcepoint is always bringing additional features and capabilities to the DLP platform,” Sela concluded. “Whenever I’m thinking about new rules and policies, the company has already delivered them as features in Forcepoint DLP that were easy to implement while reducing our cyber risk. Because of this ability to see around corners and anticipate our needs, we believe Forcepoint can play a central role in our continued journey of innovation and digital evolution.”