Sustainable digital practices with Ava Reveal

Cyber    Jönköping Energi

Using Ava Reveal to create a more cyber-savvy workforce while continuing to keep sensitive data where it belongs.

Jönköping Energi
Industry Critical Infrastructure
Founded 1907
Headquarters Sweden
Number of users 400
Industry Critical Infrastructure
Founded 1907
Headquarters Sweden
Number of users 400

Jönköping Energi

Sustainable energy company, Jönköping Energi, supplies electricity to local Swedish consumers derived from solar, wind, and water sources. They proactively integrate innovative solutions to capture and distribute energy safely and sustainably, delivering a cost-effective product to local residents and manufacturing companies. New energy alternatives are at the core of their business, providing solar panels and modern heating solutions to create more efficient ways of capturing and using energy. In their pursuit to provide a quality product, Jönköping also needs to protect itself from the inside; understanding that they need to improve internal cyber security awareness to better protect its company, employees, and customers.

The challenges

Jönköping needed help to strengthen their company's cyber security hygiene while also hoping to gain new insight into how employees used their devices daily. Without this visibility, they were uncertain of how to keep their employees safe from cyber attacks and how to curb unsafe practices. The company was aware of the unsafe movement of documents and the inconsistent storage of information. They had a very reactive approach to curbing this type of behavior, often unable to see a moving document until it had been saved in an unsafe or unsanctioned location. This and a number of unapproved add-ons lead Jönköping to believe that they needed better insight into their internal environment. 

With a traditional data loss prevention (DLP) tool and firewalls in place, Jönköping felt that they had taken proper precautions to keep their organization from a potential security breach. What they did not have was an understanding of how information was moving throughout their environment between colleagues and outside of the organization. Since their cyber security measures were not doing enough, they decided to begin the search for a solution that could better fit their needs and create a culture of security supported by the organization as a whole.

The solution

Products used

in partnership with
Cygate Telia Logo RGB

Knowing what they wanted to accomplish, Jönköping sought a cyber security solution that would go beyond a traditional DLP and be more flexible to their needs. After listening to a conference presentation given by an Ava security engineer, Jönköping became interested in Ava Reveal and how this human-centric cyber security solution might help give better visibility into the company’s environment while also improving the cyber hygiene of its employees. Unknown to Jönköping, cyber awareness training could help curb and address bad behaviors before they were completed. This was accomplished with notifications that would appear to any employee who was able to send a document containing personally identifiable information (PII) outside the company or when downloading an unsanctioned program. Leveraging Reveal’s advanced inspection capabilities, Jönköping had better visibility into this movement of documents even without classification or tag. 

Additionally, with the ability to anonymize data, Reveal was an ideal option for giving the company insight into the moment of data while not invading the privacy of company employees. Through local partner Cygate, this electricity company set up an anonymized analyst program. Jönköping now has visibility into their environment with continuous reviews to improve cyber hygiene company-wide. 

With machine learning, Ava Reveal helps in user activity monitoring (UAM) to gain insight over a period of time. An unforeseen benefit of using Ava Reveal was the ability to use the insight gained from employees' usual and unusual practices to refine their company user policy. In knowing some of the more common footfalls that employees were taking, Jönköping could then address it in their user manual, which is then enforced by the Ava Reveal agent. This full circle creates flexibility and constantly helps employees to improve their cyber hygiene.

Automated enforcement

Better company-wide cyber hygiene

The Ava Reveal agent notifies an employee whenever they perform a practice that is considered unsafe as defined by the company. Jönköping used this feature to create a more cyber-savvy workforce, helping to curb unsafe habits proactively instead of reactively.

customized to your needs

Crafting of company policies

Through this process with Ava Reveal, Jönköping has learned a lot about the processes of their employees. For example, they learned what is normal activity and have trained employees in real-time to address ongoing company-wide issues. The company has created new policies based on the activity they did not know existed prior to the insight received through Ava Reveal.

ANONYMITY IMAGE

Anonymized data collection

Most employees are not actively working against a company when they open the wrong link or share a document that contains sensitive information. With the ability to anonymize data, Jönköping can see the extent of their employees’ activities online without assigning guilt. This way, they are able to address company-wide difficulties while not compromising the privacy of employees.

Securing a company from potential cyber security threats goes beyond firewalls and endpoint protection; it requires constant activity and updates. This is why Ava Reveal has been so instrumental in training our employees on what is and is not a safe online practice while also giving us additional securities not found in a traditional DLP. Cyber security is not a self-driving car; it is an ongoing process that involves the whole company.”

Anders Ahlghren, CISO at Jönköping Energi

The results

Jönköping Energi finds that a traditional DLP provider does not provide enough insight into their cyber infrastructure. With Ava Reveal, their company is now able to see how employees are using their computers, and in understanding this, they can better follow how sensitive information moves throughout the company. Reveal gives them visibility into where documents are being saved, whether it is safe or not, and if the right people have access to that information. Jönköping is also able to spot inefficiencies and better assign access to those who do and do not need access to these files. 

With the increased visibility, Jönköping continues to grow and adjust its employees’ guidelines in accordance with this new insight. Since Ava Reveal can bring company handbooks to life with alerts, the rules have been adjusted to keep the handbook and employees always up-to-date. With a better-defined handbook comes a more accurate collection of any anomalies found by the Reveal Agent. While most employees take the time to read through their handbooks upon arrival to the company, once settled, it is not often that they revisit these guides. Now Jönköping does not need to worry if employees have been keeping themselves familiar with new rules. The Reveal Agent handles this for them, allowing employees to also be confident in their daily work.

Their company has also created a better system for the classification of documents and unstructured data, making it more apparent to both Reveal and employees of Jönköping which data contains sensitive information and how to handle each accordingly. In taking the time to classify documents, Jönköping has created better organization within the system, helping to prevent the unknowing movement of sensitive data. Thereby their company is better protected against the threat of attack both internally and externally. The close relationship they share with their Ava partner also helps them get the most out of this system while staying continuously updated on their company’s health.



Subscribe to our newsletter