Executive Guardian

Product Description

Corporate executives and high profile individuals are attractive targets for attackers because of their influence, access to valuable information, and high visibility to the public and the press.

RiskIQ Executive Guardian detects and removes individuals’ leaked personal data published on the web in order to prevent such information from falling into the wrong hands and give security teams knowledge of possible risks to the physical security of executives or their families that can be exploited (e.g., kidnapping, ransom, or bribery) or used in social engineering attacks against the organization resulting from such data being publicly accessible.

Detection & Data Security

Covered individuals must securely transfer their personal data to RiskIQ via completing an onboarding questionnaire and indicating consent for which types of data may be entered into search engines related to themselves and their family members as well as which steps RiskIQ is authorized to take on their behalf in order to remove detected data published on the Internet. Provided data and the events generated in relation to them are securely stored in a PCI-compliant environment. To protect the privacy of this information, all initial workspace configuration and tuning changes directly handling this data are performed during CST business hours in a dedicated secure room.

Based on the provided values and workspace configurations reflecting the individuals’ preferences and public persona, RiskIQ virtual users covertly search for leaked private information about high profile individuals in the same way that hackers do, but in an automated, recurring manner, and from a variety of different geographic locations to increase visibility. Searches are based on a combination of known likely sites to check (e.g. paste sites, personal data aggregation sites, social media sites, etc.) and general, source-agnostic searches.

The full recorded contents of each virtual user session is analyzed to detect any personal information the user encountered, as well as the location and context in which it was found. Our searches are indirect to avoid entering sensitive information into a search engine (which can inadvertently cause such data to become easier for others to find online), and we record and store all observed data to analyze locally and retain for a period of time for historical analysis. 

RiskIQ supports detection for the following types of data in the list below. See the right-hand column for whether/how that value can be entered into a search engine or if it is considered too great a privacy risk to do so. Other types of data outside of the values on this list may be requested, but must be reviewed and approved for inclusion.

Data Type

Search Engine Use

Legal Name (first and last) - Principal

Only with customer’s unambiguous written consent after disclosure

Alias / Nickname / Pseudonym- Principal

Only with customer’s unambiguous written consent after disclosure

Date of Birth - Principal

Never

Current / Former Home Address(es) - Principal

City / State used only with customer’s unambiguous written consent after disclosure (other content never used)

Current / Former Phone Number(s) - Principal

Area Code used only with customer’s unambiguous written consent after disclosure (other content never used)

Job Title - Principal

Only with customer’s unambiguous written consent after disclosure

Current Employer - Principal

Only with customer’s unambiguous written consent after disclosure

Current / Former email address(es) - Principal

Never

Current / Former Social Account Usernames - Principal

Only with customer’s unambiguous written consent after disclosure

Business Interests - Principal

Only with customer’s unambiguous written consent after disclosure

Internal Job Title / ID Number - Principal

Never

VIN Number / Plate Number - Principal

Never

Legal Name (first and last) - Spouse / Partner

Only with customer’s unambiguous written consent after disclosure

Alias / Nickname / Pseudonym - Spouse / Partner

Only with customer’s unambiguous written consent after disclosure

Date of Birth - Spouse / Partner

Never

Current / Former Home Address(s) - Spouse / Partner

City / State  used only with customer’s unambiguous written consent after disclosure (other content never used)

Current / Former Phone Number(s) - Spouse / Partner

Area Code used only with customer’s unambiguous written consent after disclosure (other content never used)

Job Title - Spouse / Partner

Only with customer’s unambiguous written consent after disclosure

Current Employer - Spouse / Partner

Only with customer’s unambiguous written consent after disclosure

Current / Former email address(es) - Spouse / Partner

Never

Current / Former Social Account Usernames - Spouse / Partner

Only with customer’s unambiguous written consent after disclosure

Business Interests - Spouse / Partner

Only with customer’s unambiguous written consent after disclosure

Internal Job Title / ID Number - Spouse / Partner

Never

VIN Number / Plate Number - Spouse / Partner

Never

Legal Name (first and last) - Parent / Sibling / Adult Children

Never

Alias / Nickname / Pseudonym - Parent / Sibling / Adult Children

Never

Date of Birth - Parent / Sibling / Adult Children

Never

Current / Former Home Address - Parent / Sibling / Adult Children

City / State  used only with customer’s unambiguous written consent after disclosure (other content never used)

Current / Former Phone Number(s) - Parent / Sibling / Adult Children

Never

Current / Former Social Account Usernames - Parent / Sibling / Adult Children

Only with customer’s unambiguous written consent after disclosure

Business Interests - Parent / Sibling / Adult Children

Only with customer’s unambiguous written consent after disclosure

Internal Job Title / ID Number - Parent / Sibling / Adult Children

Never

VIN Number / Plate Number - Parent / Sibling / Adult Children

Never

Legal Name (first and last) - Children

Never

Alias / Nickname / Pseudo Name - Children

Never

Date of Birth - Children

Never

Current / Former Home Address(es) - Children

Never

Current School Name - Children

Never

Current School Address - Children

Never

Current / Former Phone Number(s) - Children

Never

Current / Former Social Account User Names - Children

Never

Current / Former email address(es) - Children

Never

Threat Management & Mitigation

RiskIQ provides a web interface and API for authorized RiskIQ and client team members to review detected events, and for RiskIQ’s incident response team to respond appropriately through workflow built into the platform, notifying the customer security team and/or requesting the removal of detected private information from sites as quickly as possible following the standards and protocols described in our Managed Security Services (MSS) Agreement. 

Automatic email alerts for new or updated events are also available. Alerts contain a link to view it the event in the RiskIQ web interface, but no information about the event itself is included in the emails themselves to ensure that only authenticated users can view such information.

Recurring automated monitoring of events every 48 hours lets users know when data has been successfully removed, and monitoring post-resolution automatically reopens events should any previously removed content come back up in the future.

Reporting

RiskIQ will provide suggested privacy best practices to all Covered Individuals and well as initial findings on their online presence. Monthly reports thereafter will be provided detailing the number of events detected, their current statuses, and other metrics including performance metrics related to event generation, management, and mitigation over time.

Additionally, RiskIQ’s web interface provides a live dashboard of events by status, geographic distribution, and trend in event generation over time. The web interface includes the ability for authorized users to export event metadata to CSV on-demand as well. 

For security reasons, reports and exports do not include any of the actual private data values detected--only metadata about events.