Data Exfiltration
Learn about common data exfiltration challenges and how IncydrTM helps solve them

What is data exfiltration?
Data exfiltration is the unauthorized movement of data. It is most frequently used to describe intentional scenarios in which a user takes files from corporate-owned computers, systems and applications for personal benefit. This often results in financial, reputational or efficiency gains for an employee. For an organization, however, data exfiltration is an Insider Risk that must be addressed as part of a data security strategy.
While many believe data exfiltration is done with malicious intent, such as IP theft, this is not always the case. Not all data exfiltration means an employee intends to steal data. Employees and contractors may move data to unauthorized places to get their jobs done more easily and efficiently. For example, they may use an unsanctioned USB device to transfer a large file to another coworker. Or they might use their own DropBox account to send a file to an agency because external sharing is blocked within their corporate OneDrive system. They do not intend to cause harm, but these actions still put corporate data at risk.
Unfortunately, an employee having good intent when taking data doesn't mean there isn't significant corporate impact. Organizations need a way to speed the time it takes to detect and respond to data exfiltration activity in order to properly protect their brand, customers and competitive advantage.
Data exfiltration is common during employee departure
63%
of employees admit to taking company data to a new job.
(Code42 Data Exposure Report 2019)
78%
of security leaders believe prevention solutions are not enough to stop insider threat.
(Code42 Data Exposure Report 2019)
69%
of organizations breached by insider threat had a DLP solution in place.
(Code42 Data Exposure Report 2019)