The Inside Job: Code42 Guards Against Employee Data Theft

When it comes to security, one of the most unguarded risks to your enterprise doesn’t come from external cyberthieves. It’s actually from your own workers—employees, contractors, and third parties to whom you’ve issued the credentials and computer access to do their work. Indeed, 90 percent of organizations experience at least one insider threat each month. What’s more, 89 percent of all data loss incidents point to actors inside the organization.

These are startling numbers that beg the question, why? Let’s assume that people aren’t any more morally evolved today than 100 years ago. Clearly, one thing that’s changed is that technology allows dishonest people to effortlessly do bad things on a bigger scale. For example, a century ago, stealing contact info for all a company’s customers would have required a heart-pounding heist that ends in a getaway car. Today, however, the same theft requires dragging and dropping one file to a USB stick or to an unsanctioned cloud drive. In one second, the list is in the wild, ready to be sold on the dark web. And, because the technology allows such easy exits for sensitive information, sometimes data loss is truly accidental. For instance, consider when an employee mistakenly sends sensitive company information to the wrong person, or uses an insecure network connection. Whatever the intent, the result is the same: the customer list or other valuable data is gone.

Code42: sophisticated monitoring technology

While insider threats are on the rise, only one-quarter of today’s organizations have a targeted insider threat management program in place. In its recent report, “Hunting Insider Threats,” the influential research firm Forrester recommends deploying monitoring technology to make sure employee behavior aligns with your organization’s requirements and policies. Code42 CrashPlan offers just that—a highly sophisticated way of detecting anomalies that’s both efficient and scalable, and doesn’t interfere with user productivity.

Pinpointing suspicious activity
Code42 CrashPlan helps to pinpoint suspicious activity by monitoring patterns of employee behavior. By seeing all activity in a specific time window, information security professionals can distinguish between normal and abnormal behavior, giving them the context to spot anomalies.

In addition, Code42 CrashPlan monitors the actual content of files and the patterns in that content. As an example, consider an employee who is copying patient records, personal contact information, social security information, credit card numbers, or files with a specific taxonomy such as code names for upcoming products. Code42 CrashPlan also knows when an employee has deleted an important file or taken personally identifiable information and burned it to a CD.

When suspicious behavior is identified, Code42 CrashPlan can be used for creating alerts, allowing information security professionals to take immediate action. Because the software monitors both unusual user patterns and the actual content of files, indications of compromise can be more accurate, thus minimizing the number of false positives.

Complete endpoint visibility
All this activity is displayed via an information-rich console, providing complete visibility into what’s happening on endpoint devices such as desktop computers, laptops, smart phones, and tablets. Information security professionals can view the console to identify files that have been moved or deleted. They can also track how these files were moved—whether they were exported as an email attachment, downloaded to an external hard drive, or uploaded to a cloud server. Having this information saves time and money by providing the detailed information required to track down the thief.

Reliable backup of deleted files
Another important feature of Code42 is that it reliably backs up deleted files, a critical capability for users of popular file hosting services such as Microsoft OneDrive, DropBox, and Box. For instance, if a disgruntled employee whose Box folder is synced to the Box cloud deletes all his desktop files, those files are simultaneously deleted in the file-sharing cloud, rendering them gone forever. Code42 CrashPlan protects against the destruction of intellectual property by automatically and continuously backing up all endpoint data so that files can be quickly restored to a point in time just before the employee deleted them.

Your protection against insider threats and employee data theft

In today’s world, it’s critical that every organization build an insider threat program. To make sure it’s effective, you need to ask yourself two questions: First, “Am I aware when someone is copying or deleting critical company files?” Second, “If someone deletes sensitive data, can I get it back?” The answer to both of those questions is “yes”— if you have Code42 CrashPlan.

To learn more, download the Forrester report, “Hunting Insider Threats.”

Hunting Insider Threats download banner

Leave a Reply

Your email address will not be published. Required fields are marked *