Abstract

The World Wide Web has redefined almost all business models in the past twenty-five to thirty years. IoT, Big Data, and AI are among the comparatively recent technologies that brought a revolution in the digitization and management of data. Along with that revolution arose the need for data security and consumer privacy protection, primarily concerning financial institutions. The Equifax data breach in 2017 and the personal information leaks from Facebook in 2021 led to general skepticism among the customers of large corporations. The GLBA of 1999, also known as the Financial Modernization Act, was implemented under US federal law to compel financial institutions to protect their private information. Building on the GLBA, the FTC has laid out guidelines for all financial institutions of the United States of America, including TI companies. In this paper, an ANN-based content classification technique using an MLP architecture in combination with an n-gram TF-IDF feature descriptor is proposed to detect and protect the sensitive customer information of a reputed TI company by securing one of its digital image-document stores. The proposed technique is compared with other state-of-the-art strategies. Data samples from the company's digital document store have been taken into consideration in the study, and the prediction accuracy metrics obtained are found to be substantially better and within the acceptable range defined by the organization's information security monitoring team.

Highlights

  • Preventing the leak of sensitive information, popularly known as data leak or data loss to an unauthorized recipient, is the primary goal of an organization’s information security system [19], [20], [44]

  • Financial organizations in the United States of America are required by law to secure NPI, as per the FTC guidelines [18], [43], based on the GLBA of 1999 [3], [5], [22], [32], [35], popularly known as the Financial Modernization Act

  • The experiments are conducted with real-time data of a TI company to address an existing business problem


Summary

Introduction

Preventing the leak of sensitive information, popularly known as data leak or data loss to an unauthorized recipient, is the primary goal of an organization’s information security system [19], [20], [44]. Like all other financial institutions, TI companies collect sensitive personal information of their customers for business purposes. This information is often categorized into three primary types: NPI, PII, and PI, in descending order of sensitivity.

Background of Data Leak Prevention Systems

DLPs are specially designed expert systems that can detect, monitor, and take preventive actions against any possible information leak based on predefined policy rules [9]. These systems are also known by names such as Information Loss/Leak Prevention System, Extrusion Prevention System, Content Monitoring System, and Filtering System. The popular channels through which data leak incidents have occurred in different organizations in the past are removable storage, web applications, email, instant messaging applications, printed and scanned physical documents, and digitally stored documents [2], [37].
