The Code42 Incydr Product Protects Salesforce Customer, Pricing and Pipeline Data from Malicious and Unintentional Insider Risks

Detects report exports to untrusted personal devices when employees depart organizations

Shown here is the process by which the Code42 Incydr product detects and alerts for report exfiltration from Salesforce to an untrusted device – one that is not monitored by Incydr. This new data exfiltration detector marks important new functionality for Code42's Insider Risk Management solution. (Graphic: Business Wire)

MINNEAPOLIS--()--Code42, the Insider Risk Management leader, today launched a data exfiltration detector in the Code42® Incydr™ product that detects when reports are exported from an organization’s Salesforce instance to an untrusted destination. This first-of-its-kind offering solves the risk tied to high turnover in sales personnel combined with access to valuable customer, prospect, pricing and pipeline data. The exfiltration detector uses Code42’s Trust capability to alert security teams when Salesforce data moves to the unmanaged personal laptops or mobile devices of malicious, negligent or careless insiders, and doesn’t block employee productivity or impede collaboration.

In a recent survey by Code42 and Pulse Research, a mere one in five security leaders are very confident that they have visibility to employees downloading Salesforce data to personal devices. When employees access, create and export cloud-based Salesforce reports to unmanaged devices – even for legitimate business purposes – confidential data is open to potential exposure and risk. That is because endpoint- and network-based security products cannot detect when data exfiltration happens from cloud-based applications, like Salesforce, via non-corporate devices.

“Our data shows that about two-thirds of employees take critical information with them when they leave to go to a new company. More times than not, they’re leaving for a direct competitor,” said Joe Payne, Code42 president and CEO. “Taking data often is as easy as downloading a report from Salesforce to a personal device. Finally with this new product capability, companies can protect their sales data without blocking employees from getting their jobs done, something that is critical to keep our sales teams productive and growing the business.”

Prioritize data governance of sales data in Salesforce

Security leaders agree that the data housed in Salesforce, if leaked, would open their company to a variety of risks. They also need to provide their security teams with tools that drive efficiency, not increase alert fatigue. In the same Pulse survey, 39% of security leaders ranked customer lists as the data they were most concerned about falling into the wrong hands, closely followed by target account lists (37%).

To help organizations prioritize the governance of their Salesforce data, the new Code42 Incydr exfiltration detector increases visibility into Salesforce and:

  • Detects exfiltration by monitoring organizations’ Salesforce application using an API-based integration, meaning it doesn’t require network layer technology that security teams must deploy and manage.
  • Is built using Code42’s unique Trust capability. It automatically distinguishes when files go to untrusted personal devices versus managed or trusted corporate devices, alerting security to investigate only when an exported report is downloaded to a device that is not monitored. It helps stop high-value customer and pricing data from leaking out of their organizations, mitigates fallout from leaked sales and customer data, and decreases alert fatigue.
  • Highlights critical activity and file movement and gives security teams the context they need to act appropriately. Incydr offers a wide range of response controls that ensure organizations take a right-sized response – in line with their organization’s unique risk tolerance – to contain, resolve and educate when insider risk events are detected.

“The download permissions for Salesforce reports are all or nothing, so it is difficult for security teams to control data loss,” said Dave Capuano, vice president of product for Code42. “With our exfiltration detector, security can protect data that is at risk of being downloaded to unmanaged devices without drowning in alerts for every single movement of data, including those that are for legitimate work purposes and to monitored corporate devices.”

Availability: The data exfiltration detector for Salesforce can be added as additional functionality to a Code42 Incydr subscription and supports both the Salesforce Sales Cloud and Service Cloud products. It is currently available to Incydr customers for purchase.

Learn More About Code42 Incydr

The Code42 Incydr product allows security teams to effectively mitigate data exposure and exfiltration risks without disrupting legitimate collaboration. Incydr is purpose-built to help security teams effectively manage the dynamic nature of Insider Risk – that includes prioritizing and responding appropriately to the risks that matter the most. It surfaces the top indicators of Insider Risk and gathers detailed security intelligence about on- and off-network file movements.

Additional Code42 Resources

About Code42

Code42 is the Insider Risk Management leader. Native to the cloud, the Code42® Incydr™ solution rapidly detects data loss, leak and theft as well as speeds incident response – all without lengthy deployments, complex policy management or blocking employee productivity. The Code42® Instructor™solution helps enterprises rapidly mature their Insider Risk Management programs by incorporating holistic, hyper-relevant Insider Risk education for end-users to reduce risk events due to accidental and negligent behavior.

With Code42, security professionals can protect corporate data and reduce insider threats while fostering an open and collaborative culture for employees. Backed by security best practices and control requirements, the Code42 Incydr solution is FedRAMP authorized and can be configured for GDPR, HIPAA, PCI and other regulatory frameworks.

More than 50,000 organizations worldwide, including the most recognized brands in business and education, rely on Code42 to safeguard their ideas. Founded in 2001, the company is headquartered in Minneapolis, Minnesota, and is backed by Accel Partners, JMI Equity, NewView Capital and Split Rock Partners. Code42 was recognized by Inc. magazine as one of America’s best workplaces in 2020 and 2021. For more information, visit or join the conversation on our blog, LinkedIn, Twitter and YouTube.

© 2021 Code42 Software, Inc. All rights reserved. Code42, the Code42 logo, Incydr and Instructor are registered trademarks or trademarks of Code42 Software, Inc. in the United States and/or other countries. All other marks are properties of their respective owners.


Kristin McKenzie
Public Relations Principal, Code42

Release Summary

The Code42 Incydr product now detects when reports are exported from an organization’s Salesforce instance to an untrusted destination.


Kristin McKenzie
Public Relations Principal, Code42