Reducing human risk with Mimecast Incydr

The challenge

The client had strong perimeter security but little insight into internal and behavioural risk, how its own people were handling and moving sensitive data.

• Unmonitored data movement through personal cloud apps and USB devices
• Blind spots around risky user behaviour
• No way to tell normal activity from a potential insider threat
• Compliance exposure, with regulators expecting evidence of data governance

The solution

C4C deployed Mimecast Incydr for continuous, contextual visibility of how data moved inside and outside the organisation, combined with our own human risk framework and aligned to the business through the IDEAL framework.

• Discovery and baselining of normal user file activity
• Integration with endpoint and cloud, including Microsoft 365, Google Drive and Box
• Custom risk scoring based on data sensitivity and user role
• Workflow automation to triage incidents and escalate genuine threats

The outcome

Within 90 days of deployment the organisation turned everyday employee activity into a managed, visible risk surface.

• 80 percent reduction in unmonitored file transfers
• Full visibility of data movement across endpoints and cloud
• Improved compliance readiness with auditable incident records