Code42 Next-Gen Data Loss Protection Customer Success

Code42 and Splunk Protect IP from Employee Misuse for MACOM (Video)

As a semi-conductor design and manufacturer company, MACOM’s data includes proprietary designs and CAD drawings that are extremely valuable forms of IP. Making sure that data stays within the company and is protected from employee misuse is key to our success as a business. Part of our challenge in protecting our data is that we’re about 1,500 employees spread across roughly 50 sites globally. For such a large global organization, our security team runs lean. Jeff Litwinowich, director of IT and Security, and I are really the only two members of the team who are accountable for security at MACOM. To give us some extra horsepower, we need tools that provide visibility into what’s happening in regards to our data on both endpoints and in cloud applications.  

Having had a positive experience as a Code42 customer at a previous organization, Jeff and I were eager to look at Code42 Next-Gen Data Loss Protection as we were evaluating products which could help lay the foundation of our data loss protection strategy. At the time, MACOM was in the midst of our digital transformation, with the intention to go from IT 1.0 to 3.0 within the year. We needed a product to ensure that our data is always protected, as we were rapidly adopting cloud solutions and going through organizational changes. We needed to accomplish this without placing an administrative burden on our lean IT or security teams, or requiring on-premises infrastructure to support.   

Our initial POC validated that Code42 was easy to deploy and could detect data movement that previously would have gone unnoticed. The POC soon expanded to a company-wide deployment of Code42 Next-Gen Data Loss Protection. The global deployment went very smoothly. It was complete within about a month, which was a fast turnaround for us. Today, we have gone a step further, and integrated Code42 and Splunk. Together, these solutions not only help us monitor data activity, but also consolidate that information for a clear snapshot of what’s happening at an individual and organizational level. Having these tools provides efficiencies and enhanced security beyond what we had before. 

“ If a departing employee tells us they’re just taking personal pictures that were on their device, we can look back and validate if that is true. If we access the files and find that it was actually company property, the conversation changes. ”

Code42 and Splunk allow us to trust our employees, but verify. We’re a company of people and everyone needs to trust each other and work together. While I want to believe that no one is doing anything malicious, it’s my duty to verify, to ensure we’re all in the clear. Code42 is the validator. 

Validation happens in a few ways. When a rule is broken, we need to understand why it was broken. Was there a legitimate business reason, and was that a good enough reason not to follow that rule? Should we make an exception to the rule?

Validation can also be thought of as our way of responding to data exfiltration incidents. In times when we detect data leaving the company, we are able to access the file in question and determine if it was inadvertent or malicious. For example, if a departing employee tells us they’re just taking personal pictures that were on their device, we can look back and validate if that is true. If we access the files and find that it was actually company property, the conversation changes. 

“ Code42 and Splunk allow us to trust our employees, but verify. ”

In my role, I have a general idea of what data is important and what’s not, but I rely on the business to tell me what is truly critical. HR and legal are my primary stakeholders when it comes to protecting data from insider threats. Generally, they are looking at users who are involved in litigation or someone who’s leaving the company. They ask us to monitor the user’s activity and provide insight related to actions the user has taken in regards to their data in the past. By analyzing the Code42 data in the Splunk dashboard, I can easily go back and look at somebody’s activities after the fact to make sure we’re protecting what’s most critical to the business. 

With Code42 and Splunk, I am also able to be proactive. By setting up alerts, I can look at specific users and get immediate notification if they’re engaging in suspicious behavior like moving something to an unsanctioned cloud application or a USB. The best thing about Code42 is we have all the data and it gives us an incredible amount of visibility that we’ve never had before. 

Code42 Evolution19

My Career and Data Security Evolution

My first experience as a Code42 customer actually began when I started deploying Code42 as an intern at Maxim Integrated. At this point, we were really focused on protecting data from loss through data backup. Code42 taught me all about how to stand up internal servers and deployment application remotely. Really, working with Code42 was a godsend for me because it helped me advance in my career. It’s a big reason behind how I got to where I am.

Today, I am a system engineer at MACOM. In my role, I am responsible for deployment, integrating systems and protecting MACOM’s most valuable data as we continue our digital transformation. Unlike my past experience as a Code42 customer, MACOM’s story doesn’t begin with endpoint backup, it actually begins with data monitoring.

“ Every company needs to understand how their data is flowing. Especially as many organizations, like MACOM, undergo digital transformations. ”

We knew that we needed to understand what was happening in regard to the data on our endpoints, which led us to evaluating Code42’s Next-Gen Data Loss Protection solution. Having had a positive experience with Code42 in a past life, I was eager to learn more about this innovative new solution. It quickly became a match made in heaven.

While my experience with Code42 spans IT and security centric use cases, the common denominator across them all is data. Data is the core of any company’s competitive advantage. If somebody walks out with a prototype or design file on a USB, well then there it goes. Every company needs to understand how their data is flowing. Especially as many organizations, like MACOM, undergo digital transformations. It’s important to understand how data is moving between cloud services and USB drives.

MACOM has been a Code42 Next-Gen DLP customer for a little less than a year now, and we have already made significant strides related to protecting our most valuable data. In fact, I will be co-hosting a session at Evolution19 on this topic with Code42 SE, Isaac O’Connell. For a deeper dive into MACOM’s story, join Isaac and I on Wednesday, May 1 at 10:30 am for our session, Using Next-Gen DLP to Protect Data from Inside Threats.

I hope to see many of you in Denver and hear about your own evolution with Code42. Pun intended!