Secure IP and trade secrets during Mergers and Acquisitions

Make sure your trade secrets remain secret

Start 60-day trial

Mergers and Acquisitions Use Case

USE CASE

The process of merging and acquiring companies can be very complex leaving little time to focus on insider threat. This use case illustrates how your organization can protect itself from data exfiltration when your organization is going through large workforce changes.

USE CASE

Acme Corp is merging with Stark Industries

This leads to duplicate job positions and several marketing employees will be let go.

USE CASE

HR gives security details on the resulting layoff

Security adds impacted employees to an alert profile.

USE CASE

Employees are given their severance packages

Security proactively adds the employees to a legal hold to preserve their files in case of litigation.

USE CASE

Later that day, security receives an alert

Maria has logged into her personal Gmail and sent herself 5 files.

USE CASE

Security looks into what files Maria sent via Gmail

They identify campaign results, marketing personas and a few files labeled “Project Tiger”.

USE CASE

Security opens the file named ProjectTiger_LaunchStrategy.docx

A quick glance shows it contains confidential information on the product roadmap.

USE CASE

Maria must delete the email

Security notifies Maria that they know she attached the files and requires her to delete the email from her inbox.

USE CASE

The process of merging and acquiring companies can be very complex leaving little time to focus on insider threat. This use case illustrates how your organization can protect itself from data exfiltration when your organization is going through large workforce changes.

USE CASE

Acme Corp is merging with Stark Industries

This leads to duplicate job positions and several marketing employees will be let go.

To prepare for the merger, the security team deploys IncydrTM to all computers.

USE CASE

HR gives security details on the resulting layoff

Security adds impacted employees to an alert profile.

Easily add users to an alert template. You can customize alerts based on type of activity (removable media, web browsers/apps, cloud sync applications or file sharing) as well as by file size and count.

USE CASE

Employees are given their severance packages

Security proactively adds the employees to a legal hold to preserve their files in case of litigation.

Preserve employee files to prevent tampering and deletion. Determine which files are saved, for which employees, and for how long. Files are automatically collected and stored in the cloud for easy access when and if eDiscovery is needed.

USE CASE

Later that day, security receives an alert

Maria has logged into her personal Gmail and sent herself 5 files.

Receive email alerts based on your chosen alert settings. See what activity took place, when, and by whom. Follow the link to investigate activities that triggered the alert.

USE CASE

Security looks into what files Maria sent via Gmail

They identify campaign results, marketing personas and a few files labeled “Project Tiger”.

Review detailed information including file name, owner, hash, path and the activity date and type.

USE CASE

Security opens the file named ProjectTiger_LaunchStrategy.docx

A quick glance shows it contains confidential information on the product roadmap.

Easily access file contents to quickly assess data risk and determine the best course of action.

USE CASE

Maria must delete the email

Security notifies Maria that they know she attached the files and requires her to delete the email from her inbox.

Incydr gives you the information you need to take fast action when data exfiltration is detected.

Frequently Asked Questions

Learn how to protect data during mergers and acquisitions

How do I determine which users to monitor for high risk activity?

We recommend all employees be monitored so you can perform investigations when and if needed. However, for mergers and acquisitions, most security teams only set alerts for users who are involved in a layoff, have access to confidential files related to the deal, or who are at higher risk of turnover following the mergers and acquisitions (like leadership, engineering and sales).

Why do you recommend users are placed on a legal hold?

Mergers and acquisitions can result in redundant positions and workforce reductions. When employees are let go involuntarily, your company faces a higher likelihood of experiencing litigation. Many companies choose to proactively preserve files in preparation for legal activity that may follow. Incydr makes this easy by performing an in-place legal hold of files on employee computers.

What actions can I take if I detect data exfiltration?

Because insider threat includes a variety of scenarios, most security teams determine the appropriate course of action based on risk, intent and employee history. The first course of action is to protect the data by requiring files be returned or deleted. Other responses include escalating to management, taking disciplinary action through HR, or sending a legal notice to the employee.

What happens if an employee deletes files when they quit?

Because Incydr automatically collects files and preserves them in the cloud, you are able to quickly restore deleted files.

How Incydr Protects Data During Mergers & Acquisitions:

Secure the transition
  • Detect data exfiltration and sabotage events during M&A reorgs or layoffs
  • Perform enhanced monitoring on employees who may be flight risks
Detect risky activity
  • Detect USB, cloud sync apps, web uploads, file sharing and email attachments
  • Configure alerts based on user, vector type or file size, count or category
Close security gaps
  • Identify Shadow IT and cloud usage trends to support the transition to corporate-sanctioned accounts
  • Protect your newly acquired intellectual property (IP) from being deleted by employees
ABOUT THE PRODUCT

Integrations

Incydr integrates with top technologies to help correlate data risks, deliver actionable insights and improve the efficiency and effectiveness of customer workflows.

Learn more right arrow icon

When to Use Incydr

Odds are you're experiencing an insider threat right now. Here are the most common times when employees put data at risk:

Join more than 50,000 organizations using Code42

Get faster detection and response to data loss caused by insider threats.
Contact Sales