Industry Insights

Legacy DLP Doesn’t Work: McAfee Sues Former Employees for Stealing Company Data

5 min Read

Joe Payne

If you think your company is immune to departing employees walking out the door with sensitive data, think again.

Case in point: In 2019, a world leader in data loss security, McAfee, filed a lawsuit against three former employees for conspiracy and stealing trade secrets before they went to work for Tanium, a market rival. To carry out the alleged heist, the employees did not use the type of sophisticated technology that you might expect. Instead, according to the lawsuit, confidential company information was moved to unauthorized USB devices, private email addresses and cloud-based drives.

The kicker? A “leader” in data loss prevention didn’t realize that critical data was leaving until months after the damage was already done. And even then, they couldn’t definitively determine what had been taken or how much. 

Thank you, McAfee, for demonstrating what many of your customers must already know — legacy Data Loss Prevention (DLP) doesn’t work. If a legacy DLP vendor can’t keep a simple breach from occurring in its own company (a breach of data that McAfee claims is worth millions of dollars!) why would anyone trust legacy DLP software to keep their data safe? Short answer: they shouldn’t.

The insider threat problem is growing

The insider threat problem is getting worse. Simply put: when people leave jobs, many take data with them. And according to Code42’s 2020 Data Exposure Report, more than two-thirds of workers who said they have taken data are repeat offenders. The consequences of this behavior are even more damaging to a business when workers take data from a former employer and go to work for a competitor. According to a recent report from the Ponemon Institute, insider threats increased by 47% from 2018 to 2020. It’s no longer a matter of whether data leaves, but when it leaves – and it’s leaving every day.

Part of the problem is that data has never been more portable — so taking it has never been easier. Sales lists, product specs, pricing information, payroll data and even contact lists are just a few examples of small but critically important files that are simple to take. Employees can store hundreds of gigabytes on their mobile devices, put 1TB or more of data on removable media, or quickly transfer data to personal cloud storage services like Dropbox.

This is a solvable problem

At Code42 we’ve been working to help our customers face these challenges. Our insider risk detection and response solution identifies what data employees are taking as they depart your organization. In fact, we look back for 90 days because we have found that smart employees take important data long before they actually quit. Unlike McAfee and other traditional DLP players, we don’t require policies or classification of data, which means our solutions roll out in days not months. Oh, and unlike traditional DLP, we track all data exfiltration.

Chances are you are suffering from a data loss incident right now and don’t even know it. If you don’t want to be wrapped up in a lawsuit with a former employee, it’s time to take a closer look at your data loss protection strategy. You want to get the right tools in place to catch data loss before employees depart and the damage is done.

New business priorities like remote work and digital transformation have exposed gaps in security stacks. View the infographic summary of Forrester’s survey of 315+ security leaders on their new priorities.

Joe Payne

Joe brings to Code42 more than 20 years of leadership and a proven track record with high-growth software companies. He has a broad experience base in delivering software and Software-as-a-Service (SaaS) solutions to enterprises across numerous industries. As president and CEO of Code42, he drives the company’s strategic direction and oversees all operations. Joe currently serves on the boards of directors of multiple public and private companies, as well as the board of not-for-profit First Focus Campaign for Children.