Protect company data when employees quit

Last year, 40 million people changed jobs—and 60 percent of them took data with them when they quit.

USE CASE

Alex accepts a new sales job with a competitor

When he gives his notice, security adds him to an alert profile.

USE CASE

Security reviews what Alex did before he quit

A 90-day look at his file activity shows nothing unusual happened.

USE CASE

3 days later, security receives an email alert

Alex added files to Dropbox only minutes ago.

USE CASE

Security looks into what files Alex put in Dropbox

Most of the uploaded files look harmless, like his W-9 and resume, but one appears to be a customer list.

USE CASE

Security opens the customer list .xlsx file

A quick glance shows it contains information on active clients that Alex shouldn’t take to his new job.

USE CASE

Alex must permanently delete the file from Dropbox

Security tells Alex’s manager about the customer list. His manager watches while he permanently deletes the file from his Dropbox account.

USE CASE

Alex accepts a new sales job with a competitor

When he gives his notice, security adds him to an alert profile.

Easily add departing employees to an alert template. Customize alerts based on type of activity (removable media, web browsers/apps, cloud sync applications or file sharing) as well as by file size and count.

USE CASE

Security reviews what Alex did before he quit

A 90-day look at his file activity shows nothing unusual happened.

Investigate up to 90 days of past file activity to identify high-risk behavior. Narrow your investigation by timeframe, exposure type, file category, file name, file hash and more.

USE CASE

3 days later, security receives an email alert

Alex added files to Dropbox only minutes ago.

Receive email alerts based on your chosen alert settings. See what activity took place, when, and by whom. Follow the link to investigate activities that triggered the alert.

USE CASE

Security looks into what files Alex put in Dropbox

Most of the uploaded files look harmless, like his W-9 and resume, but one appears to be a customer list.

Review detailed information on file activity including file name, owner, hash, path and the activity date and type.

USE CASE

Security opens the customer list .xlsx file

A quick glance shows it contains information on active clients that Alex shouldn’t take to his new job.

Easily access file contents to quickly assess data risk and determine the best course of action.

USE CASE

Alex must permanently delete the file from Dropbox

Security tells Alex’s manager about the customer list. His manager watches while he permanently deletes the file from his Dropbox account.

Code42 gives you the information you need to take fast action when data exfiltration is detected.

Frequently Asked Questions

Learn how to protect data when an employee leaves.

What activities can you detect?

Code42 Next-Gen DLP detects when users move files to removable media devices, web browsers, web applications and cloud sync folders, as well as when they share files externally via corporate OneDrive, Google Drive and Box environments. Learn more

How do I identify when employees exfiltrate data?

Customizable alerts can be set for near real-time notification of data exfiltration. Code42 also assigns categories to files in order to help you identify your most important data at a glance. Monitored categories include archive, audio, document, executable, image, PDF, presentation, script, source code, spreadsheet, video and virtual disk image. When you're alerted of risk, you can quickly access the file(s) in question to make an informed decision about whether it's acceptable for an employee to take.

Why should I review past activity after an employee turns in their notice?

Many employees take data before they give their two weeks' notice. Because Code42 is constantly monitoring file activities for all employees, security teams are able to look back on 90 days of history to see the timeline of events leading up to the employee's departure. Of course, security teams can always configure alerts to be notified of these activities in real-time.

What actions can I take if I detect data exfiltration?

Because insider threat includes a variety of scenarios, most security teams determine the appropriate course of action based on risk, intent and employee history. The first course of action is to protect the data by requiring files be returned or deleted. Other responses include escalating to management, taking disciplinary action through HR, or sending a legal notice to the employee.

What happens if an employee deletes files when they quit?

Because Code42 automatically collects files and preserves them in the cloud, you are able to quickly restore any deleted files.

Detect and respond to data loss faster using:

Historical breadth
  • Logs file activity across removable media devices, browsers and cloud without policies
  • Maintains 90 days of a user's file activity
Forensic depth
  • Detailed info on files, devices, cloud destinations and exposure events
  • Preserves copies of files for as long as needed
File access
  • Quickly access file contents to determine their sensitivity and value
  • Restore files that have been deleted by employees
  • Recover files from lost and stolen devices
ABOUT THE PRODUCT

Integrations

Code42 integrates with top technologies to help correlate data risks, deliver actionable insights and improve the efficiency and effectiveness of customer workflows. Learn more

Logos of companies that integrate with Code42.

  • PingID_logo

When to Use Code42

Odds are you're experiencing an insider threat right now. Here are the most common times when employees put data at risk:

Join more than 50,000 organizations using Code42

Get faster detection and response to data loss caused by insider threats.