Code42 announced that the Code42 Incydr product
can automatically detect data exposure movement from trusted corporate
systems to unmonitored devices, such as personal mobile phones, laptops
and tablets. By identifying when a file moves to an unmonitored device,
Incydr alerts security teams to blindspots, with the critical context -
what type of information is being exposed, from where and similar
historical events - necessary to take fast action. This new detection
capability uses the Incydr Trust Model, which intelligently differentiates between sanctioned and unsanctioned activity.
Today, 91% of information security leaders are
likely to exfiltrate data from corporate systems via mobile phones.
Urgency is growing to gain visibility into this activity, with more than
half (56%) of security leaders saying it is a moderate or top priority
to determine whether employees may be exfiltrating data this way. With
the adoption of single-sign-on and cloud applications, employees are
often able to sign into their corporate accounts from any device -
including their personal laptops and phones. This means they have access
to all types of valuable company data from their personal devices.
Incydr provides visibility into these increasingly common exfiltration
events.
"Trust
is critical when it comes to managing risk. When insiders move company
data to untrusted locations like their mobile device or their Google
Drive account, they create risk for their organization," said Joe Payne,
Code42's president and CEO. "Incydr gives security leaders the
visibility to see that risk and take action to mitigate it."
Incydr Trust Model
There are two core pillars of the Code42 Incydr Trust Model: Defined Trust and Inferred Trust.
- Defined Trust:
To define the corporate environment, security teams provide Incydr with
a list of "trusted" domains and Slack workspaces. This ensures file
movement to these trusted destinations is viewed as sanctioned corporate
activity and will not generate alerts.
- Inferred Trust:
Incydr compares the activity it monitors on the endpoint with the
activity it monitors inside corporate cloud systems. This innovative
technology detects when files leave the boundary of trusted (monitored)
locations and associates risk if a file upload or download does not
reach a corporate device or cloud system. This automated comparison
infers when a file has gone to an untrusted destination, such as a
personal endpoint device, laptop or cloud account.
"We
have taken a truly unique technology approach to solve the problem of
trust," said Rob Juncker, chief technology officer with Code42. "By
correlating our visibility on trusted endpoints through our security
agent and our visibility into cloud applications through our extensive
API connections, we can determine when a file leaves one trusted
location and does not land in another trusted location. No other vendor
in security has the comprehensive view of data movement that Incydr
affords."
Availability
The Incydr Trust Model is
currently available to all Incydr customers. Incydr's ability to detect
file downloads to unmonitored devices requires licensed data connectors
for corporate systems and will be available beginning November.