Skip to content

Digital Forensics

How a global cosmetics company keeps its beauty secrets safe with Exterro tools

The combination of FTK Enterprise + AD eDiscovery® makes the shift from a reactive investigation model to a proactive, repeatable process for remote endpoint collection and incident response for a global network of employees.

The Challenge

As a global manufacturer of cosmetic and personal care products, a primary concern is to protect intellectual property. The $500+ billion global beauty industry is fiercely competitive, and consumers expect innovation and proven results to stay brand-loyal. A company’s makeup, skin care, fragrance, and hair care formulations are well-kept trade secrets, and if its product development roadmap is compromised, it cannot expect to retain the edge over its competitors. 

Statistically, most data breaches occur because of a company’s own personnel, either intentionally or more often unintentionally. To protect itself, a company must have a strong incident response and internal investigation protocol. When performing an endpoint collection from a terminated employee, or responding to a potential IT security breach, a repeatable and defensible approach to incident response is a critical need. 

Prior to deploying Exterro in support of their digital forensics and e-discovery workflow, a formal approach to incident response did not exist across the organization. Each matter was handled on an ad hoc basis, resulting in lost time and significant added costs. This also impeded efforts to establish a proactive data compliance approach that would reduce the risk of future occurrences.

The Solution

After a thorough evaluation of the marketplace, AccessData’s FTK Enterprise and AD eDiscovery products were selected to manage incident response through remote forensic collections, and to establish a repeatable e-discovery process based on the Electronic Discovery Reference Model. 

A key factor in the selection of these tools included the ability to collect from all major data sources and endpoints. As one of the world’s leading manufacturers and marketers of quality personal care products, our customer employs over 40,000 people worldwide. As such, the IT Security Dept has over 40,000 endpoints to protect and potentially investigate, so the ability to remotely collect data in a forensically sound manner was imperative. 

By using FTK Enterprise , our customer’s Digital Forensics team is now able to mass deploy remote agents to every endpoint across their network, to covertly preview and search the live data on any endpoint, before initiating a formal, targeted collection. This allows them to conduct routine HR and IT investigations, as well as post-incident analysis after a potential breach. 

Another important factor in their decision was the need to immediately establish a forensically sound, court defensible e-discovery process, from lit hold all the way through to production. AD eDiscovery gives them scalable processing to handle large datasets, with an intuitive easy-to-use interface they can manage themselves in-house. AD eDiscovery provides the automated, repeatable workflow they need to maintain internal data compliance.

“Now our legal stakeholders are active participants in the process, reducing our outsourcing costs and our dependence on IT specialists. Incident response has been accelerated through the ability of FTK Enterprise to collect from remote endpoints, and in fact, the tool has quickly gained recognition within the company. And by implementing AD eDiscovery, future risk around the product development process has been reduced through increased compliance with data protection policies.”

—Digital Forensics Program Manager

Ready to Get Started?

Get an Exterro data risk management platform demo today.

Get a Demo