Code42 Incydr: A cloud-native product that mitigates insider data exposure and exfiltration
Code42 announced the Code42 Incydr product, a new SaaS offering that protects organizations’ intellectual property, source code and trade secrets.
The SaaS solution is built to mitigate exposure from data exfiltration and directly addresses the gaps in security solutions for insider threats, the cause of 66% of breaches.
“Insider risk is an inescapable, growing problem that has been underestimated, underfunded and under the radar for too long,” said Code42 President and CEO Joe Payne.
“The pandemic and its impact on workforce collaboration is a catalyst for security teams to rethink how they address data protection without compromising collaboration. Incydr prioritizes risks to data and provides fast and easy event investigation and response capabilities, while paving a new path for companies to protect their trade secrets.”
The business world has been redefined in 2020 as entire workforces are now widely distributed, and traditional network perimeters have further dissolved. The use of collaboration technologies has exploded to facilitate worker productivity and innovation.
These transformative market forces have introduced pervasive and growing risks to corporate IP – the lifeblood of many organizations – with traditional security solutions often unable to prevent it from falling into the wrong hands.
“For me, it’s about actionable intelligence. With the insights that Incydr provides, we are able to quickly and easily determine what is normal behavior and what is an indicator of insider risk,” said Dustin Fritz, senior security architect at UserTesting, a leading provider of on-demand human insights.
“We need to be able to trust our employees, but we also need to be able to have visibility into risky data behavior so we can inform, engage and educate, and, where necessary, be able to detect and respond to actual risks before they become an incident.”
End-to-end insider protection, from monitoring to response
Incydr delivers the detailed intelligence security teams need to identify and act on the greatest risks to their data. Unlike conventional DLP, CASB and UEBA tools that take singular views of risk, Incydr correlates rich context across three dimensions – files, vectors and users – to speed insider threat response.
Incydr features built-in case management functionality so security teams can efficiently compile, document and disseminate investigation details for formal insider risk incidents. With proper context on hand, organizations can remediate incidents through automated action, corrective conversation, additional training or litigation.
Additional features of Incydr:
- Delivers comprehensive visibility across computers, cloud and email: Draws on direct integrations with corporate cloud and email services and on an endpoint agent that continuously observes all on- and off-network employee file activity on Mac, Windows and Linux endpoint devices, regardless of what security policy considers acceptable.
- Differentiates between trusted and untrusted file activity: Surfaces file events happening across a variety of vectors, such as email, Dropbox, iCloud, USB, browser uploads, Slack and AirDrop. Filters out the noise of file movement to trusted vectors to surface only concerning activity.
- Delivers high-fidelity risk signal: Prioritizes the file events that represent the most risk to data and warrant deeper investigation by security teams, such as file movement that takes place outside an employee’s normal work hours.
- Provides efficient workflows to protect vulnerable data: Offers prescriptive workflows to quickly detect and respond when data is most vulnerable to threat, including during employee offboarding or remote work. Delivers company-wide visibility to identify gaps in security awareness, uncover shadow IT, and validate the efficacy of other security technologies.
- Offers fast time to value: Deploys in as little as 48 hours and positively impacts an organization’s security posture within two weeks.
Surfaces data exposure trends
Telemetry data generated by Incydr between July 1 and August 31 reveals:
- On average, a typical employee causes 20 file exposure events per day.
- Nearly half (45%) of all file exposure events detected involve business files or source code, which are the most likely data types to trigger a high-value data leak incident.
- Data exfiltration is not limited to the traditional work week. More than one-third of weekend file exposure events happened via removable media, a surprising – and suspicious – choice of vector for employees working from home.