Code42 adds real-time blocking capabilities to the Incydr IRM solution
At RSA Conference 2023, Code42 announced that it has added real-time blocking capabilities to the Incydr IRM solution. The enhancement allows security teams to prevent unacceptable data exfiltration without the management burden, inaccuracy, and endpoint impact of content-based policies.
Insider Risk is emerging as the most difficult threat to detect in today’s environments. Despite 72% of organizations having a program dedicated to Insider Risk, over four in five CISOs admit data loss from insiders is a problem for their company. The problem is only expanding with a 32% increase year-over-year in the number of insider events.
To mitigate this growing risk, Code42 Incydr IRM allows security teams to easily tailor their response to the offender and offense by training users, containing threats, and now blocking unacceptable user activity.
Unlike traditional security tools that block based on broad content inspection and policies, the blocking capabilities in Incydr IRM are targeted to the riskiest user populations and ensure files are only blocked if sent to untrusted destinations. The new set of capabilities includes the ability to:
- Block untrusted browser uploads
- Block removable media from mounting (e.g. USB transfers)
- Block external cloud file sharing from corporate cloud systems including Microsoft OneDrive, Google Drive, and Box
- Block users from copying and pasting data into untrusted destinations such as ChatGPT or Evernote
This targeted approach allows employees to continue to work efficiently and effectively, without slowing down their devices or stopping trusted workflows.
“Most security teams use real-time blocking as their default response control to stop data loss. We believe blocking collaboration should be used only when absolutely necessary,” said Joe Payne, CEO of Code42. “There are scenarios that call for it – like when a departing employee or contractor shares data to an untrusted location. With this release, we now cover those situations. Our customers have a wide selection of response controls to apply which allows them to balance the risks of data exfiltration with their organizations’ need to stay productive. We’ve built a better way to prevent real-time data exfiltration that doesn’t drain endpoint resources or security time.”
In addition to blocking, Code42 Incydr IRM allows security teams to automatically send tailored micro-trainings to correct employee mistakes as they happen and contain insider threats and speed investigations via integrated controls with EDR and IAM products, case management and access to file contents. This effectively helps organizations drive down Insider Risk event volume and protect their intellectual property and customer data.
Incydr blocking capabilities are currently available in limited early access to customers and will be generally available this summer 2023.