Group-IB Digital Risk Protection Review

Broad protection, good stability, fast support, and reasonable pricing


What is our primary use case?

We help customers in combatting the scams and contrasting done by using their brand images in the digital world, namely social media websites, mobile applications, and instant messengers.

How has it helped my organization?

Some of the scams and frauds are delivered through specific local web platform for example: Quicksell.co, android-apk.com, Indonesian based forum websites and other websites that are not well known internationally. Group-IB Digital Risk Protection allows you to monitor custom web platform. The ability to monitor and enforce a custom web platform or custom social media customers in combating fraud effectively especially when the scams is not delivered through mainstream social media platforms.

What is most valuable?

It provides the broadest protection covering websites, marketplace, advertising, social media, which includes Instagram, Twitter, and Facebook, and even instant messenger, darkweb, pastebin and Github.

They also have a team of skilled analysts to support monitoring/takedown wherever human support is required.

What needs improvement?

It is in the early stage of innovation, but it has been developing constantly and rapidly. The room for improvements for this kind of solution is basically in terms of mapping between multiple resources. For example, if a fraudster or scammer is using Instagram to track potential customers of an organization, he might also use fraudulent resources of a website, mobile application, or instant messenger as a part of an elaborate scheme. Group-IB is working on mapping such related fraud resources so that they can see the whole pattern and then track the fraudster or scammer conducting the scheme.

They could also improve the Risk Scoring Engine. Whenever any resource comes up in the monitoring section, there is an engine to score whether it is a high risk, low risk, or no risk, or whether it is legal for the customer. This part could be improved because different channels require different mechanisms for scoring the risk. On the website, it can score a risk easily, but for social media and instant messenger, some things need to be adjusted. It is not similar to monitoring a website.

For how long have I used the solution?

I have been using this solution for the past two years.

What do I think about the stability of the solution?

Overall, the site is working without any notable downtime. There has been some regular maintenance a few times, which usually takes one hour or two hours, but it does not actually affect the customer experience. The maintenance usually happens after office hours. It does not affect our clients who access it during their office hours.

What do I think about the scalability of the solution?

Scalability-wise, it is very decent because it is built on top of the cloud platform. It is pretty much scalable.

We manage two clients. One of them is the biggest bank, and the other one is one of the biggest state government enterprises. So, they constantly experience fraud and scams. We could effectively and easily monitor more than tens of thousands of links over six months to one year.

In terms of users, typically, there are at least three users from the customer side for daily monitoring and tracking. There is one person from the security organization and one person who represents the marketing division that owns the whole branding. They also onboard one person for risks. The system could effectively be run by these three users, but my clients typically also have a managed services team. We have one front protection specialist at our end to effectively sum up the findings, do escalation, and create some reporting. In total, there are around six to seven users who are accessing it.

Its usage is increasing because more capabilities are available for the customer. Initially, the customers were taking down only websites and social media, but then they also added application distribution and instant messengers such as Telegram or WhatsApp.

How are customer service and technical support?

For every customer, Group-IB deploys dedicated workflow support to gather all the requirements. To monitor a new brand or get something escalated to the Group IB site, there is a technical account manager for each customer. This way, the SLAs are maintained in a very strict manner. 

The response of their support is very fast because there is an assigned person for each customer. We can communicate with them directly.

Which solution did I use previously and why did I switch?

Our banking clients in Indonesia were not using a dedicated solution like this. They saw brand protection as only protecting the website from malware and phishing. So, they were not using any such solution.

How was the initial setup?

The deployment process is very straightforward. It is also very seamless. Customers could be onboarded in less than 24 hours. For onboarding, it requires information about the social media and instant messengers officially being used and the websites that officially belong to the customer. All this is gathered in a form, and once submitted, customers will directly be able to access the website within a day. It is very simple and very fast.

From a client's perspective, no staff is required for deployment. Only one staff member is required to gather all this information in a form, which is then submitted to Group-IB. They will work the whole setup of the portal, and the next day customers can access it by using their credentials. Once activated, it takes less than a week to effectively aggregate all the information. It starts aggregating all this data based on the customer-specific keywords that have been put. In the second week, a customer will already be able to use the whole system with full functionality. 

In terms of the implementation strategy, we start with monitoring only the websites, and then we onboard the social media, mobile applications, and instant messengers. It is a SaaS model, and nothing is required from the customer's side to maintain this solution.

What was our ROI?

ROI could be measured effectively by comparing the cost and the amount of work or the number of resources that are taken down. It gives companies a clear ROI measurement. They can easily calculate against the number of resources that have been taken down, and they can actually map it against the brand image or reputation damage. One such resource can impact multiple customers.

What's my experience with pricing, setup cost, and licensing?

At the moment, its pricing is very reasonable for the whole work that Group-IB is doing for the banks. We can easily calculate the return on investment based on that pricing because the number of resources that need to be taken down would reach up to thousands within months. Its pricing is very reasonable for this kind of work.

It is subscription-based. There are different packages that are based on a limited or unlimited number of takedowns. It is very simple subscription scheme with no hidden fees.

What other advice do I have?

I would suggest having good management of your branding on social media. Very often, customers do not have a specific policy in order to manage their official branding on social media. Such a policy will definitely help in the enforcement of the brand or intellectual property in the digital world because you will have a baseline of what is whitelisted, what is not allowed, and what brands could not be considered legal at any point. It is very important to have the marketing department involved in this because they essentially manage the official branding in the digital world, be it social media or websites. Otherwise, the whole operation of Digital Risk Protection would be much less effective.

I would rate Group-IB Digital Risk Protection a nine out of ten.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
**Disclosure: My company has a business relationship with this vendor other than being a customer: I am working as a local partner for Group-IB to deliver the solutions to our clients in Indonesia.
Add a Comment
Guest