2021 Data Exposure Report on Insider Risk | Get the report →
  • Partners
    • Technology Partners
    • Reseller Partners
    • Partner Portal
  • Customer Toolkit
  • University
  • Support
Code42 Logo
  • Products
    • Incydr™ Data risk detection and response for insider threat Product Overview right arrow icon
      • Features
      • Detection
      • Investigation
      • Response
      • Use Cases
      • Remote workforce monitoring
      • Departing employee monitoring
      • IP theft detection
      • View All
      • Information
      • Product Plans
      • Deployment
      • Integrations
      • Developer Portal
      • Trust & Security
      • Services
    • CrashPlan Cloud Endpoint data backup & recovery for the enterprise
  • Solutions
    • Insider Risk
    • Data Exfiltration
    • Incident Response
  • Company
    • About
    • News
    • Careers
    • Leadership
  • Resources
    • Resource Center
    • Reports, eBooks, Videos
    • Events & Webinars
    • Customer Stories
    • Product Resources
    • Integrations
    • Developer Portal
    • Trust & Security
    Data Protection: Code42 vs. DLP Leave DLP behind with a better, risk-based approach to protect data. Learn more right arrow icon
  • Blog
  • Get Started
  • Partners
    • Technology Partners
    • Reseller Partners
    • Partner Portal
  • Customer Toolkit
  • University
  • Support

SECURITY ECOSYSTEM

Insider Threat Solution Requirements Checklist


5 MIN READ

SHARE

Code42

The technical evaluation process for new security technology can be time consuming but it’s critically important. All stakeholders must be aligned on what success looks like. This includes the business problems that are to be solved, the technical capabilities needed to solve them, as well as the time, money and effort required to administer a solution.

We’ve helped you get started. Review this checklist to speed up your evaluation process and build stakeholder consensus on the requirements for purchasing an insider threat solution. Add any custom requirements to the empty lines.

Use Case Requirements

The high-level specifications that will enable you to manage insider threats. Use case requirements should be agreed upon by all project stakeholders.

  • Delivers company-wide visibility into data risk caused by end users
  • Delivers visibility into the insider threat activity of individual users 
  • Detects file exfiltration 
  • Detects file infiltration 
  • Detects file deletion and sabotage 
  • Supports insider threat investigation and incident response
  • Monitors user activity with respect for employee privacy
  • [Your additional requirement here]
  • [Your additional requirement here]
  • [Your additional requirement here]
  • [Your additional requirement here]

Technical Requirements

The technical specifications required to successfully meet your use cases. Technical requirements should be set and evaluated by security analysts and architects. 

  • Offers an interface that is easy to use and navigate
  • Works without inhibiting employee productivity
  • Monitors file activity that takes place on employee computers, regardless of network
  • Monitors the creation, deletion, modification and movement of files
  • Detects removable media, cloud/web app, web upload and printing activity
  • Detects file sharing from a corporate cloud service to untrusted domains
  • Detects file attachments from a corporate email service to untrusted domains
  • Detects file deletions and provides recovery of those deleted files  
  • Offers customized monitoring for specific groups of users
  • Monitors employees during departures and layoffs 
  • Monitors high-risk employees (contractors, privileged access, flight risks, etc)
  • Prioritizes the file activity that requires investigation
  • Identifies activity that takes place outside of a user’s typical hours
  • Provides a historical view of user file activity
  • Monitors files without requiring them to be tagged or classified 
  • Provides access to file contents for investigation
  • Enables alerts to be customized and sent to other systems
  • Logs file metadata, including file name, path, size and MD5/SHA256 hash
  • Logs event information, including date, time, activity type and description of threat vectors
  • Logs user information, including username, title, department, manager, and location 
  • Supports organization-wide search by criterion, such as file name or hash 
  • Supports insider threat and intellectual property lawsuits via legal hold and eDiscovery features or integrations
  • [Your additional requirement here]
  • [Your additional requirement here]
  • [Your additional requirement here]
  • [Your additional requirement here]

Architectural Requirements

The specifications that will support a smooth deployment and integration with your existing IT and security investments. These should be established by security and IT stakeholders. 

  • Solution is cloud-based
  • Cloud deployment can support federal and compliance requirements, if needed
  • Open API is available for scripting and custom integrations
  • Agent works well on all Mac, Windows and Linux operating systems
  • Agent can be mass deployed and silently installed
  • Agent testing reveals minimal endpoint impact  
  • Agent does not require VPN
  • New agent releases can be tested prior to company-wide rollout 
  • Pre-built integrations are available for technologies, including SSO, SIEM and SOAR
  • [Your additional requirement here]
  • [Your additional requirement here]
  • [Your additional requirement here]
  • [Your additional requirement here]

Vendor Requirements

Your expectations for how a vendor will support you as a customer. These requirements are particularly important to security, procurement and legal stakeholders.

  • Supplies evidence of corporate data security, privacy and compliance
  • Demonstrates a proven ability to support global customers
  • Provides introductions to customer references
  • Assigns a dedicated account manager to customers
  • Demonstrates a history of executing to roadmap commitments
  • Offers opportunities to participate in advisory and early access programs
  • Demonstrates a proven ability to quickly deploy new customers
  • Offers consultative services
  • Provides knowledgeable and friendly support that is not outsourced
  • Provides 24/7 support for high-severity issues
  • Offers a robust and easy to understand documentation library 
  • Offers role-based product training 
  • Has registered with the Cloud Security Alliance
  • Offers a money-back guarantee
  • [Your additional requirement here]
  • [Your additional requirement here]
  • [Your additional requirement here]
  • [Your additional requirement here]
Code42 logo
Code42 logo

Code42

  • About Code42
  • News + Events
  • Awards
  • Investors
  • Leadership
  • Careers
  • Contact Sales

Learn More

  • Insider Threat Ecosystem
  • Reseller Partners
  • Federal Solutions
  • Higher Education Solutions
  • CrashPlan for Small Business
  • Customer Stories

Support

  • Help Center
  • Code42 University
  • Professional Services
  • Twitter Twitter
  • Facebook Facebook
  • LinkedIn LinkedIn
  • YouTube YouTube
  • Terms of Use
  • Privacy Statement
  • Impressum
© 2021 Code42 Software, Inc. All rights reserved.
Get Started with Incydr™
Contact Salesright arrow icon
We'll have an insider threat expert reach out within 24 hours
Try an Interactive Demoright arrow icon
Take Incydr for a spin in our free sandbox environment
30 Day Free Trial
Try Incydr at no cost for 30 days to quickly uncover your data blindspots.
Start trial now right arrow icon
Explore the deeper functionality of Incydr™
Contact Salesright arrow icon
We'll have an insider threat expert reach out within 24 hours
30 Day Free Trial
Try Incydr at no cost for 30 days to quickly uncover your data blindspots.
Start trial now right arrow icon

This website uses cookies to improve your user experience and to provide content tailored specifically to your interests. Detailed information on the use of cookies on this website, and how you can manage your preferences, is provided in our Cookie Notice. By clicking I Agree or continuing to use this website, you consent to the use of cookies. Learn more.

Code42
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Strictly Necessary Cookies

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.