A high-tech unicorn company, renowned for its cutting-edge innovations, wanted to address the founders' concerns about data security. The company's intellectual property, such as chip design blueprints, AI models, source codes, and product design documents, all held immense commercial value. Preventing the leakage of these assets was critical, especially with the necessity to maintain a balance between efficiency and stringent security controls, typical of a fast-paced startup environment.The company extensively used MacBook computers for their operations. Many product solutions required disabling Apple's official SIP protection mechanism, and they often experienced slow compatibility with new versions of the macOS, which was unacceptable.
Solutions & Values
The solution effectively balances security controls and work efficiency, providing targeted protection for high-value intellectual property and supporting the fast and sustainable growth of the unicorn startup.
Core Asset Protection: Defending Against High-Level Confrontation
For code files, DDR can control Git repositories, allowing pushes only to the company's internal ones and blocking pushes to employees' personal GitHub repositories. For 80% of important assets, DDR analyzes sensitivity through rich context, including metadata, file format, AI content understanding, etc. For the remaining 20% of core assets, DDR creates file fingerprints and uses similarity matching for targeted protection. Beyond conventional applications, DDR strengthens coverage for hidden channels like command-line operations, WinSCP, LAN transfers, etc., and is not deceived by obfuscation techniques such as file format modification, compression, renaming, etc.
Insider Threat Awareness from Personnel and Behavioral Perspectives
DDR uses User and Entity Behavior Analytics (UEBA) technology, combining information about employees' identities, departments, and statuses to assess all risk behaviors. These behaviors include large-scale file downloads beyond daily work needs, mass transfers of sensitive data to personal cloud storage before resignation, scheduled incremental data extraction from internal resources, accessing data not required for job roles, and extensive file packaging.
Outstanding MacBook Protection Experience: No Need to Disable SIP
DDR employs Apple's official Endpoint Security Framework, preserving the system's security mechanisms. DDR naturally supports all released macOS versions and is even future-proof for upcoming versions without requiring additional upgrades. For large asset files (over 100MB), DDR's performance ensures that data leak prevention does not compromise operational efficiency.
