Trust, but verify, with Incydr and Splunk
MACOM advances their data security posture while also ensuring that their employees are enabled to work at the speed that business requires.
Here’s what MACOM’s departing employee process looks like with Incydr:
- HR Notice: Our HR team understands how we’re trying to focus on the unique data loss risk presented by departing employees. Having their buy-in ensures that HR informs us as soon as an employee gives notice that they’re leaving the company. This kick-starts the entire workflow.
- Past Activity Examined: As soon as we know an employee is leaving, we look back at the last 90 days of their file activity to see if they’ve done anything risky.
- Employee Added to Watchlist: Going forward, that employee is added to a watchlist within Incydr for enhanced monitoring. We watch their file activity closely for potentially risky data movement.
- Activity Alerts for File Movement: Incydr automatically generates activity notifications when an employee on our watchlist exceeds our defined file activity thresholds (moving too many files, moving too much data, moving files in specific ways, etc.).
- Forensic Investigation: Once again, since we’re able to track all file activity over the last 90 days, we’re able to rapidly investigate any alerts to assess whether the activity represents a data loss risk.
- Response: Our strong partnerships with Legal and HR allow us to quickly bring them in to execute an appropriate response to an identified risk. This also means we’re not left being the bad guys; our staff see us as the brand-value and idea protectors instead of the police.
Learn more about MACOM’s 6-step workflow for protecting data when employees quit.