This is the first in a series of articles that provide a high-level overview of the strategies and tactics required to operationalize Incydr, from planning to daily operation.
To get the most value out of Code42 Incydr, you must build Incydr into your regular processes and workflows. This operationalizing of Incydr requires additional strategic planning and marshalling of people, but will significantly help you reduce the risk that actions of insiders pose to your organization and your organization’s data.
The Code42 Security Success Team (SST) can help you plan your implementation of Incydr, and Code42 Professional Services can help you implement it. Contact your Customer Success Manager (CSM) to engage the Security Success Team and Professional Services.
Articles in the series
- Implement Incydr: Develop an insider risk program
Lay the groundwork for an insider risk program at your company, from obtaining buy-in from stakeholders such as HR, the legal department, and the C-suite, to preparing lists of assets to protect. The more you develop your program, the more effective your use of Incydr will be.
- Implement Incydr: Start implementation
At a high level, map out how Incydr fits into your insider risk program. Define the top Incydr actions to implement and configure them to work in your environment.
- Implement Incydr: Use the detection lists and alerts
Add users to Incydr's High Risk Employees list and Departing Employees list to fast-track detection of unauthorized file activity. Configure alerts to get notified when suspicious file activity occurs.
- Implement Incydr: Best practices for data sources
Add sources of information such as your employees' file activity in cloud services and email.
- Implement Incydr: Determine incident response
Determine how you respond when different kinds of insider risk actions occur. Define who needs to be notified and exactly what actions should be taken.
- Implement Incydr: Resources
Get resources to help you prepare for Incydr, from employee communications templates to individualized help from Code42 Professional Services and the Security Success Team (SST).
- Carnegie Mellon University Software Engineering Institute