Challenge: Keeping up with the evolving security landscape
To fuel and protect their innovation as a high-growth tech company, UserTesting’s security team partners with the business to ensure data security amidst their culture of agility, collaboration and employee enablement.
“Things are changing. People are not beholden to security the way they may have been 20 years ago. Not everybody is behind a firewall anymore,” says Dustin Fritz, Senior Security Architect at UserTesting.
When Dustin joined UserTesting, he was tasked with selecting and implementing a solution to protect data from theft, misuse and exfiltration. From his past experience building data protection strategies, he understood the complexities of implementing traditional DLP — not to mention the sheer amount of time involved.
Solution: Enable employees to collaborate remotely without compromising security
Dustin’s visionary approach to data security for UserTesting meant finding a solution that would allow them to protect their data in a reality where the perimeter no longer exists, without impeding the high-performance culture ingrained in their company values.
This criteria led Dustin to Code42 Incydr™. “The big differentiator with Incydr is that it doesn’t block — it actually has nothing to do with blocking. It has to do with gaining insight into risky behavior and using that information to inform and educate users or address that risk before it turns into a data breach,” says Dustin.
“Other vendors in the space might have a mode of operation that doesn’t block, but they only focus on specific types of data. What I’m more interested in is the underlying behavior. First, I want to understand the characteristics of data movement and then I can determine what the data is and how sensitive it might be,” Dustin explains. “I’ve used other technology and there is no technology like Code42 that I’ve experienced.”
Results: Understanding high-risk user activity to effectively mitigate Insider Risk
The insights that Dustin gains from Incydr help him to provide actionable details to internal partners including IT, engineering, legal, and HR. Together they can determine and take the right-sized response to each incident based on the full picture of data movement — whether malicious or unintentional. Get more information on how Dustin and the rest of the security team gained the visibility they need to understand how, where, when and what data moves in and out of their organization in the full readout below.