Insider Threat Protection Use Cases

Employee Leaving the Organization with Intellectual Property

Any company with intellectual property (IP) such as manufacturing where prototypes and designs are not yet patented can be potentially at risk when an employee leaves the organization. In some industries, top talent tends to move between a few large companies that compete with one another, which puts their IP at risk. Locking down the data with usage controls ensures IP does not walk out the door with the employee. Seclore can add usage controls either manually or automatically to sensitive documents and emails. The owner of the document can manually right-click on the file or click on a button in email to add usage controls before sending the email. Seclore can also add pre-defined usage controls through the Email Auto-Protector (a Seclore MTA) to automatically apply permissions to documents when sent by email. And Seclore can inherit policies from EFSS and ECM solutions to automatically add the appropriate usage controls to documents when downloaded from the system. When the employee leaves the organization and his access is removed from the company’s directory, access to the protected emails and documents is no longer available.

Employee Leaving the Organization with Intellectual Property 600
Employee Remotely Using Personal Devices 600

Employee Remotely Using Personal Devices

Today employees are working remotely across the globe more than ever before. Although the Covid-19 situation has increased the number of remote workers, technology has advanced to where employees can connect and collaborate online. The challenge is that employees can access corporate files on their personal laptops or mobile devices. If the data is not protected, the company not only will lose visibility to track where their data resides but will also have no control over how the data is used, whom it is shared with, and the ability to revoke access to the data. Having no data protection on an email or document can be especially worrisome if the content is sensitive or regulated by compliance mandates. Seclore can work with DLP and Data Classification solutions by automatically applying the appropriate persistent, granular usage controls to discovered or classified data in emails and attachments that are sensitive. There is no need to interfere with employees’ workflow to add security. The same applies to data repositories such as EFSS and CCP system, where data is automatically protected with usage controls when uploaded or downloaded from the system.

Employees Sending Data to Personal Email Accounts/Downloading on Thumb Drives

According to Tessian, they found that employees send company data to unauthorized or personal email accounts nearly 200,000 times a year. Whether the employee’s intent is innocent or nefarious, if the data is sensitive or under compliance, data residing on personal accounts is a serious security gap for the organization. Another way employees take corporate information is by downloading documents to a thumb drive if permitted by the organization. With Seclore, the threat of sensitive and regulatory data being sent to personal accounts and thumb drives is irrelevant. Seclore protects data at the source by automatically applying persistent, granular usage controls automatically to documents when sent via email. If the document is dropped into a protected file folder when the document is downloaded to a thumb drive, the usage controls will be added to the file.

Employees Sending Data to Personal Email AccountsDownloading on Thumb Drives 600
Contractors and Partners with Employee Level Access 600

Contractors and Partners with Employee-Level Access

Organizations often treat contractors as employees giving them full trust and access to their sensitive data depending on their role in the organization. Unfortunately, there have been several high-profile cases where data was stolen and sold by contractors . With Seclore, organizations can institute a zero-trust security policy with contractors. Whether the contractor works onsite remotely, Seclore can automatically add usage controls and expiration dates to emails and documents to ensure the contractor cannot perform any unauthorized actions with the data and only has access during the duration of the project. IT can also monitor any suspicious activity and unauthorized attempts, as well as revoke access to documents at any time, regardless of where it resides.