Protect valuable data during mergers and acquisitions

More than 50,000 mergers and acquisitions took place worldwide in 2018 alone. While a valuable growth strategy, they also introduce data risks through layoffs and turnover.

USE CASE

Acme Corp is merging with Stark Industries

This leads to duplicate job positions and several marketing employees will be let go.

USE CASE

HR gives security details on the resulting layoff

Security adds impacted employees to an alert profile.

USE CASE

Employees are given their severance packages

Security proactively adds the employees to a legal hold to preserve their files in case of litigation.

USE CASE

Later that day, security receives an alert

Maria has logged into her personal Gmail and sent herself 5 files.

USE CASE

Security looks into what files Maria sent via Gmail

They identify campaign results, marketing personas and a few files labeled “Project Tiger”.

USE CASE

Security opens the file named ProjectTiger_LaunchStrategy.docx

A quick glance shows it contains confidential information on the product roadmap.

USE CASE

Maria must delete the email

Security notifies Maria that they know she attached the files and requires her to delete the email from her inbox.

USE CASE

Acme Corp is merging with Stark Industries

This leads to duplicate job positions and several marketing employees will be let go.

To prepare for the merger, the security team deploys Code42 to all computers.

USE CASE

HR gives security details on the resulting layoff

Security adds impacted employees to an alert profile.

Easily add users to an alert template. You can customize alerts based on type of activity (removable media, web browsers/apps, cloud sync applications or file sharing) as well as by file size and count.

USE CASE

Employees are given their severance packages

Security proactively adds the employees to a legal hold to preserve their files in case of litigation.

Preserve employee files to prevent tampering and deletion. Determine which files are saved, for which employees, and for how long. Files are automatically collected and stored in the cloud for easy access when and if eDiscovery is needed.

USE CASE

Later that day, security receives an alert

Maria has logged into her personal Gmail and sent herself 5 files.

Receive email alerts based on your chosen alert settings. See what activity took place, when, and by whom. Follow the link to investigate activities that triggered the alert.

USE CASE

Security looks into what files Maria sent via Gmail

They identify campaign results, marketing personas and a few files labeled “Project Tiger”.

Review detailed information including file name, owner, hash, path and the activity date and type.

USE CASE

Security opens the file named ProjectTiger_LaunchStrategy.docx

A quick glance shows it contains confidential information on the product roadmap.

Easily access file contents to quickly assess data risk and determine the best course of action.

USE CASE

Maria must delete the email

Security notifies Maria that they know she attached the files and requires her to delete the email from her inbox.

Code42 gives you the information you need to take fast action when data exfiltration is detected.

Frequently Asked Questions

Learn how to protect data during mergers and acquisitions

How do I determine which users to monitor for high risk activity?

We recommend all employees be monitored so you can perform investigations when and if needed. However, for mergers and acquisitions, most security teams only set alerts for users who are involved in a layoff, have access to confidential files related to the deal, or who are at higher risk of turnover following the mergers and acquisitions (like leadership, engineering and sales).

Why do you recommend users are placed on a legal hold?

Mergers and acquisitions can result in redundant positions and workforce reductions. When employees are let go involuntarily, your company faces a higher likelihood of experiencing litigation. Many companies choose to proactively preserve files in preparation for legal activity that may follow. Code42 makes this easy by performing an in-place legal hold of files on employee computers.

What actions can I take if I detect data exfiltration?

Because insider threat includes a variety of scenarios, most security teams determine the appropriate course of action based on risk, intent and employee history. The first course of action is to protect the data by requiring files be returned or deleted. Other responses include escalating to management, taking disciplinary action through HR, or sending a legal notice to the employee.

What happens if an employee deletes files when they quit?

Because Code42 automatically collects files and preserves them in the cloud, you are able to quickly restore deleted files.

Detect and respond to data loss faster using:

Historical breadth
  • Monitor every time files are moved to removable media devices, web browsers/applications and cloud accounts, without the need for policies
  • Maintain 90 days of historical user activity to identify abnormalities and replay events during investigations
Forensic depth
  • Review detailed information on files, devices, cloud destinations and data exposure events
  • Identify trends and abnormalities in data movement using dashboards for common exfiltration vectors
File access
  • Access file contents to determine their sensitivity and value
  • Restore files that have been deleted by employees
ABOUT THE PRODUCT

Integrations

Code42 integrates with top technologies to help correlate data risks, deliver actionable insights and improve the efficiency and effectiveness of customer workflows. Learn more

Logos of companies that integrate with Code42.

When to Use Code42

Odds are you're experiencing an insider threat right now. Here are the most common times when employees put data at risk:

Join more than 50,000 organizations using Code42

Get faster detection and response to data loss caused by insider threats.