What to Expect: Incydr Free 4-Week Proof of Value

What is the Incydr Proof of Value (POV)?

The Proof of Value is a 30-day experience with Incydr that examines user activities, data destinations, and transfer methods to identify key vulnerabilities in your data exposure. You'll receive customized recommendations to boost your data protection efforts based on the results – all at no cost to you.

View Sample Report

Day 1: Getting Started

Estimated time: 60 min
Your team members involved during kick-off include: Security Stakeholder, Desktop Deployment Engineer, Technical Decision Maker, Technical Sponsor

POV experience overview
Deploy agents to test machines

Week 1: Test & Configure

Estimated time: 60-90 min
Your team members involved during Week 1 include: Technical Sponsor

Deep-dive of Incydr detection, investigation & response capabilities
Begin silent rollout
Perform configurations, including trusted domains and alert rules
Discussion: Watchlists, verify use cases

Week 2: Review Use Cases

Estimated time: 60-90 min
Your team members involved during Week 2 include: Technical Sponsor

Complete silent rollout
Operationalize Watchlists and cases
Discussion: Refine trusted domains, validate use cases

Week 3: Discuss Preliminary Findings

Estimated time: 60-90 min
Your team members involved during Week 3 include: Technical Sponsor, Security Stakeholder

Review Risk Detection findings
Discussion: Current process and people pain points

Week 4: Insider Risk Posture Review & Recommendations

Estimated time: 60 min
Your team members involved during Week 4 include: Technical Sponsor, Security Stakeholder, Technical Decision Maker, HR, Legal, IT

Complete POV Experience
Mimecast to present Data Risk Assessment review and technical recommendations

What exfiltration vectors does Incydr monitor?

Incydr monitors exfiltration events across cloud services such as Dropbox and Google Drive, removable media, Airdrop, browsers, Git, and other applications such as Salesforce and Slack.

What alerts do you recommend we set up?

Incydr alerts are completely customizable and oftentimes tailored to your specific needs. If you need assistance, please contact your Systems Engineer. Some common alerts include:

Source Code Exfiltration
Unsanctioned Cloud Exfiltration
Compressed File Exfiltration
Sensitive Keyword Exfiltration

How do I add a user to the Departing Employee or High Risk Watchlists?

Mimecast offers workflow automation services to connect Incydr with your Human Resource Information System (HRIS). This integration will automatically populate Incydr Watchlists with the employees who meet the lens criteria.

What tools does Incydr integrate with?

Incydr integrates with a range of tools such as Splunk, Okta, and Google Drive. We also have a robust and easy to use rest-based API for tools not in our ecosystem.

Where does the contextual information about a user come from?

We are able to pull Department, Title, Manager, and Location from your Identity Management provider. Additionally, users can automatically be added to Watchlists based on information such as departure date through Incydr Flow automation with HR systems, PAM, and IAM.

What roles and permissions are available for Incydr?

Incydr offers a variety of roles and permissions to ensure administrators only have access to what they need to do their jobs. For example, you can choose the administrators who should have access to various features (such as the Watchlists), and you can also control who is able to download and view file content from Forensic Search during an investigation. We recommend you assign roles and permissions based on your administration use cases.

How do I deploy the agent?

Incydr can be installed on Windows, macOS and Linux using your desktop management software. Once installed, Incydr begins to silently monitor and collect files.

What is the agent impact?

Although results vary based on the above, we typically see 0-4% CPU and approximately 50MB of memory usage when the agent is in its steady state.

My company needs to meet compliance and regulatory requirements. How does Incydr support these requirements?

Implementing an Insider Risk Management solution helps you comply with regulations governing who has access to what data — and when, where and how that data is exposed and/or exfiltrated. Here’s a document explaining how Incydr supports a variety of compliance standards.

As a company, Mimecast utilizes industry standards and verification by independent auditors. We take a comprehensive approach to secure our products and solutions. Mimecast maintains compliance certifications and attestations on our product and infrastructure to validate our robust security program. Additionally, Mimecast ensures and monitors appropriate security assurance obligations. Learn more.