Challenge: Keeping up with the evolving security landscape
To fuel and protect their innovation as a high-growth tech company, UserTesting’s security team partners with the business to ensure data security amidst their culture of agility, collaboration and employee enablement.
“Things are changing. People are not beholden to security the way they may have been 20 years ago. Not everybody is behind a firewall anymore,” says Dustin Fritz, Senior Security Architect at UserTesting.
When Dustin joined UserTesting, he was tasked with selecting and implementing a solution to protect data from theft, misuse and exfiltration. From his past experience building data protection strategies, he understood the complexities of implementing traditional DLP — not to mention the sheer amount of time involved.
Solution: Enable employees to collaborate remotely without compromising security
Dustin’s visionary approach to data security for UserTesting meant finding a solution that would allow them to protect their data in a reality where the perimeter no longer exists, without impeding the high-performance culture ingrained in their company values.
This criteria led Dustin to Code42 Incydr™. “I had to find a partner and technology that shares our values. We need to be able to trust our employees, but we also need to be able to have visibility into risky data behavior so we can inform, engage and educate, and, where necessary, be able to detect and respond to actual risks before they become an incident,” says Dustin.
“Other vendors in the space might only focus on specific types of data. What I’m more interested in is the underlying behavior. First, I want to understand the characteristics of data movement and then I can determine what the data is and how sensitive it might be,” Dustin explains. “I’ve used other technology and there is no technology like Code42 that I’ve experienced.”
Results: Understanding high-risk user activity to effectively mitigate Insider Risk
The insights that Dustin gains from Incydr help him to provide actionable details to internal partners including IT, engineering, legal, and HR. Together they can determine and take the right-sized response to each incident based on the full picture of data movement — whether malicious or unintentional. Get more information on how Dustin and the rest of the security team gained the visibility they need to understand how, where, when and what data moves in and out of their organization in the full readout below.