A high-tech unicorn company, renowned for its cutting-edge innovations, wanted to
address the founders' concerns about data security. The company's intellectual
property, such as chip design blueprints, AI models, source codes, and product design
documents, all held immense commercial value. Preventing the leakage of these assets was
critical, especially with the necessity to maintain a balance between efficiency and
stringent security controls, typical of a fast-paced startup environment.The company
extensively used MacBook computers for their operations. Many product solutions required
disabling Apple's official SIP protection mechanism, and they often experienced
slow compatibility with new versions of the macOS, which was unacceptable.
Solutions & Values
The solution effectively balances security controls and work efficiency, providing
targeted protection for high-value intellectual property and supporting the fast and
sustainable growth of the unicorn startup.
Core Asset Protection: Defending Against High-Level Confrontation For code files, DDR can control Git repositories, allowing pushes only to the
company's internal ones and blocking pushes to employees' personal GitHub
repositories. For 80% of important assets, DDR analyzes sensitivity through rich
context, including metadata, file format, AI content understanding, etc. For the
remaining 20% of core assets, DDR creates file fingerprints and uses similarity
matching for targeted protection. Beyond conventional applications, DDR strengthens
coverage for hidden channels like command-line operations, WinSCP, LAN transfers,
etc., and is not deceived by obfuscation techniques such as file format
modification, compression, renaming, etc.
Insider Threat Awareness from Personnel and Behavioral Perspectives DDR uses User and Entity Behavior Analytics (UEBA) technology, combining
information about employees' identities, departments, and statuses to assess
all risk behaviors. These behaviors include large-scale file downloads beyond daily
work needs, mass transfers of sensitive data to personal cloud storage before
resignation, scheduled incremental data extraction from internal resources,
accessing data not required for job roles, and extensive file packaging.
Outstanding MacBook Protection Experience: No Need to Disable SIP DDR employs Apple's official Endpoint Security Framework, preserving the
system's security mechanisms. DDR naturally supports all released macOS
versions and is even future-proof for upcoming versions without requiring additional
upgrades. For large asset files (over 100MB), DDR's performance ensures that
data leak prevention does not compromise operational efficiency.