Stealing a jumbo-jet airplane sounds like a ridiculous movie, but it’s actually just one example of IP theft. It’s happening to tech giants like Twitter and Google, and consumer brands like Hershey. But it’s also happening to organizations built around security — like McAfee and even the CIA. In fact, a survey by Osterman Research found that seven in 10 organizations had experienced significant data or knowledge loss due to employees exfiltrating information.
The huge (and hidden) costs of insider IP theft
The risk of losing your “secret sauce” is obvious. But there’s a huge range of IP to protect: product roadmaps, strategic go-to-market plans, customer lists and other inside sales info, source code, or CAD files in the midst of development. These are all critical gears in a business’s revenue engine. Losing any one of them could stall that engine — delaying product launches, impacting service levels, impeding sales conversations. But it can also cause your business to lose its competitive advantages — or worse, see these advantages fall into the hands of a competitor.
Most IP exists as living, moving, evolving files — that’s why it’s such a challenge
One big problem with protecting IP is that these are the files your employees are working on every day. They need to be edited and shared — this is critical to enable the collaboration and innovation that fuel businesses’ success. It’s also no surprise that nearly three in four employees (72%) say they feel entitled to the work product they create, according to the Code42 Data Exposure Report.
And that’s how most IP theft happens: Authorized employees working within the realm of “normal” activity. That’s also why IP theft typically goes unnoticed until the damage starts showing up: A copycat product from a competitor. A call from regulators. Or reading your company’s name in the headlines. By then, it’s too late to take effective action to protect and reclaim the stolen IP. It’s much harder to take action once an employee has left the company. And it’s much, much harder to do anything once the IP is in the hands of a competitor.
Code42 Incydr helps you see and respond to IP threats — before it’s too late
The headlines make it clear that companies need a better approach to protect their IP from insider theft. The Code42 Incydr data risk detection and response solution tackles that challenge by focusing on giving security teams simplicity, signal and speed:
- Detecting all file activity
Unlike conventional data security tools, like DLP, Incydr monitors all file movement — regardless of what is considered acceptable by security policy. Incydr detects file sharing and exfiltration across computers, web browsers, the cloud and email through an agent and direct cloud and email integrations.
- Real-time visibility into off-network and Mirror IT activity
Most traditional security tools focus on activity within a LAN or VPN. But with well over half the workforce now working remotely—and only 10% consistently using a VPN—off-network activity is an immense blind side. Incydr sees all off-network activity — and can also give visibility into so-called “Mirror IT” activity — when employees use a personal account on a company-sanctioned app (Google Drive, Slack, etc.).
- Recognize files and identify your IP
Instead of relying on data classification, Incydr automatically organizes files based on contents and extensions, recognizing source code, presentations, spreadsheets and more. You can easily filter alerts and visualizations for the file types you value most, without having to know specific file signatures.
- High-fidelity alerts you can trust
To protect your known “crown jewels,” Incydr alerts you when files with specific file names or extensions are moved to untrusted destinations or shared via a cloud service. Wildcards can be used for any unknown values.
- Context for rapid investigation and response
When suspicious activity is detected, Incydr provides you with an efficient way to compile, document and disseminate pertinent investigation details so you can substantiate insider threat investigations and respond quickly, including preserving files and other evidence needed for legal action.
The solution here isn’t all that complex: Security teams need tools that make it simple to protect IP, trade secrets and other valuable data — not saddle them with never-ending data classification puzzles. They need a clear signal of risk — not a litany of false positives that push them into alert fatigue. And they need to be able to investigate and respond faster — so they can take action before the IP gets out in the world and the damage is done.