Insider Threat Protection Use Cases

Employee Leaving the Organization with Intellectual Property

Any company with intellectual property (IP) such as manufacturing where prototypes and designs are not yet patented can be potentially at risk when an employee leaves the organization. In some industries, top talent tends to move between a few large companies that compete with one another, which puts their IP at risk. Locking down the data with usage controls ensures IP does not walk out the door with the employee. Seclore can add usage controls either manually or automatically to sensitive documents and emails. The owner of the document can manually right-click on the file or click on a button in email to add usage controls before sending the email. Seclore can also add pre-defined usage controls through the Email Auto-Protector (a Seclore MTA) to automatically apply permissions to documents when sent by email. And Seclore can inherit policies from EFSS and ECM solutions to automatically add the appropriate usage controls to documents when downloaded from the system. When the employee leaves the organization and his access is removed from the company’s directory, access to the protected emails and documents is no longer available.

Employee Remotely Using Personal Devices

Today employees are working remotely across the globe more than ever before. Although the Covid-19 situation has increased the number of remote workers, technology has advanced to where employees can connect and collaborate online. The challenge is that employees can access corporate files on their personal laptops or mobile devices. If the data is not protected, the company not only will lose visibility to track where their data resides but will also have no control over how the data is used, whom it is shared with, and the ability to revoke access to the data. Having no data protection on an email or document can be especially worrisome if the content is sensitive or regulated by compliance mandates. Seclore can work with DLP and Data Classification solutions by automatically applying the appropriate persistent, granular usage controls to discovered or classified data in emails and attachments that are sensitive. There is no need to interfere with employees’ workflow to add security. The same applies to data repositories such as EFSS and CCP system, where data is automatically protected with usage controls when uploaded or downloaded from the system.

Employees Sending Data to Personal Email Accounts/Downloading on Thumb Drives

According to Tessian, they found that employees send company data to unauthorized or personal email accounts nearly 200,000 times a year. Whether the employee’s intent is innocent or nefarious, if the data is sensitive or under compliance, data residing on personal accounts is a serious security gap for the organization. Another way employees take corporate information is by downloading documents to a thumb drive if permitted by the organization. With Seclore, the threat of sensitive and regulatory data being sent to personal accounts and thumb drives is irrelevant. Seclore protects data at the source by automatically applying persistent, granular usage controls automatically to documents when sent via email. If the document is dropped into a protected file folder when the document is downloaded to a thumb drive, the usage controls will be added to the file.

Contractors and Partners with Employee-Level Access

Organizations often treat contractors as employees giving them full trust and access to their sensitive data depending on their role in the organization. Unfortunately, there have been several high-profile cases where data was stolen and sold by contractors . With Seclore, organizations can institute a zero-trust security policy with contractors. Whether the contractor works onsite remotely, Seclore can automatically add usage controls and expiration dates to emails and documents to ensure the contractor cannot perform any unauthorized actions with the data and only has access during the duration of the project. IT can also monitor any suspicious activity and unauthorized attempts, as well as revoke access to documents at any time, regardless of where it resides.

Cookie	Duration	Description
AWSALBCORS	7 days	This cookie is managed by Amazon Web Services and is used for load balancing.
connect.sid	2 hours	This cookie is used for authentication and for secure log-in. It registers the log-in information.
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
JSESSIONID	6 hours	Used by sites written in JSP. General purpose platform session cookies that are used to maintain users' state across page requests.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__cf_bm	30 minutes	This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
bcookie	2 years	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
lang	session	This cookie is used to store the language preferences of a user to serve up content in that stored language the next time user visit the website.
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.

Cookie	Duration	Description
ADRUM_BT1	past	This cookie is used to optimize the visitor experience on the website by detecting errors on the website and share the information to support staff.
ADRUM_BTa	past	This cookie is used to optimize the visitor experience on the website by detecting errors on the website and share the information to support staff.
dtCookie	session	This cookie is set by the provider Dynatrace. This is a session cookie used to collect information for Dynatrace. Its a system to track application performance and user errors.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_UA-60622713-1	1 minute	A variation of the _gat cookie set by Google Analytics and Google Tag Manager to allow website owners to track visitor behaviour and measure site performance. The pattern element in the name contains the unique identity number of the account or website it relates to.
_gcl_au	3 months	Provided by Google Tag Manager to experiment advertisement efficiency of websites using their services.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
_uetsid	1 day	This cookies are used to collect analytical information about how visitors use the website. This information is used to compile report and improve site.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.
pardot	past	The pardot cookie is set while the visitor is logged in as a Pardot user. The cookie indicates an active session and is not used for tracking.

Cookie	Duration	Description
bscookie	2 years	This cookie is a browser ID cookie set by Linked share Buttons and ad tags.
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
MUID	1 year 24 days	Bing sets this cookie to recognize unique web browsers visiting Microsoft sites. This cookie is used for advertising, site analytics, and other operations.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt.innertube::nextId	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.

Cookie	Duration	Description
_ce.cch	session	No description
_ce.s	1 year	No description
_uetvid	1 year 24 days	No description available.
alr	30 minutes	No description
AnalyticsSyncHistory	1 month	No description
asst	30 minutes	No description available.
AWSALB	7 days	AWSALB is a cookie generated by the Application load balancer in the Amazon Web Services. It works slightly different from AWSELB.
cass	2 hours	No description available.
gdId	10 years	No description
gdsid	6 hours	No description
GSESSIONID	2 hours	No description available.
li_gc	2 years	No description
lpv323341	30 minutes	No description
route-gcrowd-fe-prod	session	No description available.
SameSite	past	No description available.
trs	1 year	No description available.
UserMatchHistory	1 month	Linkedin - Used to track visitors on multiple websites, in order to present relevant advertisement based on the visitor's preferences.
visitor_id323341	1 year 9 months 10 days	No description
visitor_id323341-hash	1 year 9 months 10 days	No description
visitorId	1 year	No description
widgetizedstickybar	1 month	No description available.