Code42, the leader in insider threat detection, investigation and response, announced it has advanced its cloud data security solution with the second in a series of new capabilities designed to help companies defend against the rising tide of insider threats.
The newest enhancements equip security teams to closely monitor, detect and investigate data threats caused by high-risk employees. This includes workers, who have access to high-value data; temporary employees, such as contractors and interns; as well as employees, who may be a flight risk, have had recent performance concerns or are known to fall for phishing attacks.
The new capabilities complement the company’s earlier product enhancements, which enable security teams to quickly spot data theft when employees resign and depart. Together, the series is intended to deliver on Code42’s broader product strategy: to secure data throughout the employee lifecycle — from hire to exit or separation.
This includes milestone events such as promotions, performance reviews and disciplinary actions. The new product capabilities will be on display at RSA Conference 2020.
“There’s no debate. Insider threat programs have failed to keep pace with today’s digital workplace,” said Joe Payne, Code42’s president and CEO.
“Collaborative technologies — like Slack, Box, and Microsoft Teams and OneDrive — have made it easy for employees to legitimately share files via personal email and the cloud.
“At the same time, they also have made it easier to exfiltrate data such as product ideas, source code and customer lists. Our cloud-based product was built to allow organizations to identify, investigate and respond to exfiltration events that stem from insiders.”
According to the 2020 Code42 Data Exposure Report, workers move files in and out of organizations using email (38%), external devices (35%), cloud collaboration platforms (31%) and browser uploads (26%). To provide security teams complete visibility to where data lives and moves, Code42’s insider threat solution quickly detects when files are:
- Uploaded to personal email or other unsanctioned websites via web browsers
- Uploaded to personal cloud sync applications, including iCloud, Box, Dropbox, Google and Microsoft OneDrive
- Transferred to USB and other removable media devices
- Shared to untrusted domains outside of corporate GoogleDrive, OneDrive or Box accounts
- Deleted en masse off employee computers
With a high-fidelity signal, Code42’s solution helps security teams cut through the noise created by false alerts so they can pinpoint suspicious data activity among high-risk users and speed the investigation process. The latest product enhancements enable security teams to:
- Access a prioritized list of users whose file activity requires investigation
- Quickly determine the potential exfiltration vectors used across computers, cloud and email
- Assess activities within the context of a user’s 1-, 7-, 30- and 90-day history
- Review indicators of increased risk, such as which activities have taken place outside of an employee’s normal active hours
- Review the exact content of files at risk
- Escalate to line of business, HR and legal stakeholders when necessary