Code42 Incydr differs from other cybersecurity products: instead of monitoring network access points, logs, or user behavior, it tracks data files. By tracking where files go and who files are shared with, it helps users secure valuable intellectual property by responding when files are moved to unsanctioned destinations or shared with inappropriate external users.
To distinguish the allowed activity that happens naturally with collaboration from more risky exfiltration activity, Incydr applies the concept of trust: activity occurring on destinations and domains you specify is trusted while other activity is not.
However, this “trusted activity model” was difficult for sales engineers to understand and explain, especially when coupled with the nuances of cloud storage and file sharing permissions. It was a big gap causing confusion and costing sales.
To bridge this gap, I worked closely with two product owners to more clearly define and explain how Incydr’s trust works and how it is applied, and identify visuals that could really cement the concepts for users. After a number of meetings, rewrites, and reorganizations, we were able to distill down the concepts and concretely apply them to the different types of file activity sales engineers saw in every demo and implementation. The result? These two articles on the Code42 support site: