CIO Influence
CIO Influence News Security

Code42 Provides Security Teams with Visibility to the Data Movements of High Risk Insiders

Code42 Provides Security Teams with Visibility to the Data Movements of High Risk Insiders

Delivers programmatic ability to segment data movement by user groups

Code42 Software, Inc., the Insider Risk Management leader, announced it expanded the data risk detection capabilities in the Code42 Incydr product to give security teams visibility and context to situational Insider Risk events. Through its watchlist functionality, Incydr simplifies security teams’ ability to focus on data risk tied to distinct user groups that are most likely to put data at risk, such as departing employees, contractors, privileged users and new hires. Teams can also create custom watch lists for specific projects or departments or for users with common attributes.

“The context provided through watchlists helps security teams respond more quickly and accurately to insider risk events and drive targeted training to improve collaboration habits that decrease future data risk.”

“Since the launch of Incydr, we’ve been giving security teams visibility to insider risk events tied to departing employees, which continues to be a primary trigger for data exfiltration. We’ve learned that other clusters of employees, such as new hires, employees that have repeatedly neglected security protocols, or teams working on confidential projects, exhibit similar patterns of risky data movement – whether unintentional or malicious. Security teams can now closely monitor the data movement and exposure of these groups to apply tailored responses that will reduce data risk,” said Dave Capuano, senior vice president of product management at Code42. “The context provided through watchlists helps security teams respond more quickly and accurately to insider risk events and drive targeted training to improve collaboration habits that decrease future data risk.”

Latest ITechnology News: Fortinet Unveils New Digital Risk Protection Offering to Empower Security and Executive Teams with an Attacker’s View of the Enterprise

An Insider Risk Management (IRM) technology, Incydr helps security teams understand their company’s data exposure, prioritize events that matter, and respond with confidence. With Incydr’s watchlist functionality, security analysts can create user groups with common attributes from data that Incydr ingests, and automate investigation and response management workflows. Security teams using Incydr watchlists can programmatically:

  • Focus and streamline management workflows – Drive more efficient prioritization and investigation workflows by providing administrators with focused dashboard visualizations and alerts.
  • Closely monitor high-risk users – Organize users of similar risk level into watchlist groups based on their employment milestones, attributes and other risk factors.
  • Automate processes and reduce error – Automatically enhance monitoring by adding users to Incydr’s watchlists based on triggers from integrations with IAM, PAM or HRIS systems.
  • Easily customize alert criteria – Create alert rules that are unique to user groups on specific watchlists. Send prioritized alerts to preferred systems, such as SIEM, ITSM or Slack.

Latest ITechnology News: Accenture Acquires Advocate, Expanding Technology Business Management Capabilities

As part of Incydr, Code42 offers a variety of pre-configured as well as custom watchlists to better manage insider risk events stemming from high-value and high-risk users. Security teams can group users by:

  • Custom watchlist – Tailor a group by custom parameters, such as by department or project, like confidential organizational or financial transactions or product development initiatives. Security teams can automatically populate or exclude users to a watchlist based on their directory groups.
  • New hire watchlist – Segment file activity when employees first join an organization and may unintentionally put data at risk, and respond in a way that educates employees about their new work environment and promotes a more security-aware culture long term.
  • Departing watchlist – Gain visibility into one of the biggest sources of data loss in an organization – one in three organizations lose IP when employees depart. Integrations with IAM, PAM or HRIS systems automate workflows to make it easier and more efficient to stop data loss, leak and theft.
  • Contractors watchlist – Segment independent contractors, vendor partners and consultants with authorized access to company data that may be using personal devices and apps, are not bought into an organization’s security culture and are likely to take subsequent jobs with competitors.
  • Privileged users watchlist – Assign users with elevated system, app and network access to a common group for focused visibility to their file movements.

Latest ITechnology Interview: ITechnology Interview with Katie Drucker, Director and Global Leader, Business Development at AWS

[To share your insights with us, please write to sghosh@martechseries.com]

Related posts

Devo Partners with Prophecy International to Adopt Snare for Enhanced Endpoint Data Ingestion

Cision PRWeb

CEVA Redefines High Performance AI/ML Processing for Edge AI and Edge Compute Devices

CIO Influence News Desk

Anodot Partners with Snowflake’s Data Cloud to Power AI Analytics and Monitor Business Data

Leave a Comment