A recent Axios report showed that over half of tech workers would resign if their company were to track employee productivity. The survey addressed the various ways companies have started to monitor their employees. In the frenzied shift to remote work in 2019, many companies turned to invasive surveillance to monitor employee productivity from recording video/audio, to tracking keystrokes and capturing images of employee screens. While it may have been implemented to monitor performance or to track assets, surveillance tech lacks transparency and compromises the trust and collaboration necessary to build a culture of security. The inherent power dynamic created by surveillance compromises the culture of trust that is necessary to build out successful security practices. Code42’s CISO, Jadee Hansen, furthered our sentiment around the importance of transparent security cultures. In her episode with Inside Jobs, hosted by Hillarie McClure, Hanson touched on the top three macro-trends she’s observing in Cybersecurity and how Insider Risk Management is becoming essential for the industry’s security stacks. Surveillance has no place in an Insider Risk Program.
Why it matters:
Now more than ever we are seeing rapid and pivotal changes to the digital work environment and daily routines. The hybrid return to work is changing the way we communicate, making it more important than ever to adapt to the digital nature of knowledge workers’ jobs. The increase in insider data breaches and the importance of collaboration puts many companies in a difficult dilemma forcing them to choose which of the two problems they want to address and prioritize. This is where Incydr comes in. Code 42 recognizes the changing workplace and the need to increase mitigation strategies of internal risk. We can tackle both concerns by tracking data exfiltration, not employees, and taking an empathetic approach to security practices to address organization’s data protection concerns.
Gartner’s 2022 Market Guide for Insider Risk Management echoes the problems with invasive surveillance. In our observations of the report we noted that Gartner believes that the hazards of inhibiting organizational culture outweigh the perceived benefits of productivity monitoring. We wholeheartedly agree with Gartner’s observations that a successful risk mitigation strategy must consider the Insider’s trust in the organization. The evolving ways that data is leaked or stolen have proven to us that tracking data exfiltration events is more successful than tracking employee behavior. When you track behavior, you watch everyone and look for mistakes. But, tracking data movement to untrusted locations allows your security team to view only the important events, and address them without the noise of other events.
Incydr tracks all data movement to untrusted locations, regardless of who moves the data or how it’s moved, meaning that you surface all the risk in your organization, not just the risks you’re already looking to prevent. Often, employees move sensitive data to unapproved cloud drives or personal computers as a result of trying to do their jobs most efficiently. Because most of these events are non-malicious, an empathetic approach to IRM allows for response controls that take into account the severity of an event. In many cases, a more empathetic approach to the event (e.g. sending someone a training who made a mistake) is the more effective way to stop the behavior from happening again and helps to build a more secure workforce. This empathetic approach extends beyond mitigating data breaches by tackling the increasing levels of employee burnout across all industries. When employees are burned out, they don’t have the time and energy to maintain safe security practices.
At Code42 we recognize that this is a time where empathy within security practices is essential to keep your data safe and your team on track. Empathetic security investigations involve minimizing jumping to conclusions about an employee’s intentions and treating every incident and employee with the respect they deserve. Additionally, cultivating transparent security practices, where users know and understand why and what data is being tracked enables a culture of trust to grow stronger in your organization. When employees understand the acceptable uses of data and endpoints, stress about security practices inherently decreases and allows users to be a part of the security culture.
Why we agree with employees:
Insider Risk Management is becoming increasingly important as technology and workforces are evolving. Over three-quarters of insider data-breaches in 2021 involved data loss or exposure, costing companies upwards of 20% of their annual revenue. Additionally, organizations experience an average of 13 data exposure events per day. Increases in data breaches are occurring across all industries, actively demonstrating organization’s need to rethink standard DLP practices.
The increasing volume and variety of data loss in combination with workforce volatility have allowed us to reinvent employee relationship’s with security practices. By recognizing the importance of IRM and advocating for collaboration, Incydr allows security teams to monitor all IP movement by tracking data, not monitoring employee actions. Tracking data enables Incydr to have eyes on all of your crown jewels while only flagging concerning behaviors.
We understand that collaboration is vital for the success of every organization and is not something that can be sacrificed for your Insider Risk Management Program. Especially with the popular hybrid workforce, borderless activity makes endpoint security and teamwork more important than ever. Our data focused approach has allowed us to build stronger data protection without employee monitoring.
What we do:
Incydr provides a comprehensive approach to data protection by allowing you to detect file exfiltration and movement across web browsers, endpoints and collaboration tools. Our data monitoring dashboard alerts you immediately when files are sent to personal accounts and devices, allowing you to stop a data breach before the damage is done.
Incydr isn’t about putting up barriers or burying you in policy management. It’s about making sure your employees don’t send valuable data to people and places you don’t trust. This requires visibility, context, and a wide range of controls.
Part of those controls take effect before employees even open their laptops. Bite-sized cyber security education that’s both proactive and situational works to prevent data breaches from happening in the first place by teaching employees what to look out for and encouraging secure practices.
Dustin Fritz, Senior Security Architect at UserTesting, agrees with Code42’s philosophy of education and said that Incydr’s built in education has helped to strengthen UserTesting’s culture of trust.
“You want to build trust and avoid situations that don’t contribute to that goal – it’s better that employees are mindful, proactive, and actually reach out to security when they see something risky instead of just seeing security as a roadblock and bypassing security altogether,” says Fritz.
Ultimately Code42 is built for the organization that requires both data security and collaboration. Without a lot of resources, you’ll gain control over the data leaving your organization today, and power the secure work habits needed to decrease how often employees put data at risk in the future. We echo Axio’s research and Gartner’s stance that a strong Insider Risk Management program is most effective without employee productivity monitoring.
Respond confidently to data leaks before the damage is done
Incydr, a data protection product, provides a comprehensive understanding of your data exposure and shows you which activities require security intervention. Let’s work together to help your company secure the collaboration culture.