Insider Risk

A Not Exactly Up-Lyfting Incident

By Veriato Team

IIf you haven’t seen the news about Lyft and its former COO, check out the great write-up by Ryan Lawler over at TechCrunch.com.

Lyft Inc. is a company based out of San Francisco, California that helps commuters organize ride-sharing via a free app.

Lyft Inc. filed a complaint in San Francisco Superior Court alleging that Travis VanderZanden transferred sensitive company information to his personal Dropbox account before resigning. VanderZanden is the former COO of Lyft and the current VP at competitor, Uber. The information he allegedly transferred was confidential strategic product plans, financials, forecasts, and growth data.

This is the latest example of an insider risk becoming an insider threat resulting in an insider-driven data leak with some good old-fashioned cutthroat competitiveness mixed in. It made headlines due to the current popularity of Uber and Lyft and the fact that the employee allegedly involved was a ‘C’ level employee. The harsh reality is that this type of data theft happens more often than you would think.

There is a treasure trove of information readily available on the DEFCON 1 level threat to organizational IP posed by departing employees . And there are some rock-solid, common sense best practices put forth by really smart people on how to deal with this type of problem. Hint: it involves monitoring the online activity of employees you suspect may be leaving, or know are leaving your team, plus reviewing 30 days of online activity of employees who left the company for things like…well, read the complaint Lyft filed for some really good examples.

We hear about cases like these pretty regularly because our customers use our software to help them detect, and respond to them. I’m aware of millions and millions of dollars in damages recovered by our customers using information discovered using our products. I am also aware of many instances of customers finding out about IP theft in progress, and putting a stop to it’ again because of our software.

Don’t let IP Theft put your company name in the papers on the Internet, and on behalf of COO’s everywhere ‘say it ain’t so, Travis.

Insider Risk – How Prepared Are You?

Insider Risk – How Prepared Are You?

Not every company is equally prepared to deal with insider risk. This report outlines the four stages of insider risk maturity and explores how to improve your insider risk preparedness.

About the author

Veriato Team
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Quis ipsum suspendisse ultrices gravida.

Insider Risk & Employee Monitoring Resources

Is IAM, SIEM, and DLP Enough to Combat Insider Risk?

Is IAM, SIEM, and DLP Enough to Combat Insider Risk?

Key Takeaways: Closing the Gaps in Traditional Security Tools: IAM, SIEM, and DLP are vital but insufficient in addressing insider risks. They focus on access control, event logs, and data protection without understanding the behavioral context that signals insider...

Insider Risk Management: Addressing the Human Side of Risk

Insider Risk Management: Addressing the Human Side of Risk

Key Takeaways: Proactive Over Reactive: Shifting from a reactive to a proactive approach is essential in managing insider risks. Continuous monitoring and analysis of human behavior are key to detecting potential insider risks before they escalate. The Power of AI:...