Day One of Evolution17 featured a rousing opening keynote, 16 different breakout sessions, and countless questions, conversations and connections. If you didn’t come away with at least one valuable new piece of endpoint backup knowledge, it’s pretty safe to say you were probably too busy playing in the conference mobile app instead. Here were some highlights:
Vijay Ramanathan gives a crash course on Version 6.0
With several customers up and running on Version 6.0, VP of Product Management Vijay Ramanathan took us through a few of the exciting new features coming soon to your backup world. He took a deep dive into Security Center, explaining how the new security tools will equip businesses with the ability to intelligently monitor employees, automatically detect anomalies, insider threats and data theft, and take action faster. Security Center allows you to assign users to activity profiles with preset rules focused on data exfiltration via removable media and cloud storage. You can configure thresholds for automated email alerts that notify you when users break from normal patterns or exhibit high-risk behaviors. The new Access Lock feature also gives you the ability to lock down data on a device in question. With this smart monitoring and alerting, you can vastly accelerate your incident response.
Version 6.0 also includes greatly expanded legal hold capabilities—one of the fastest growing use cases we’re seeing among Code42 customers. The new release includes preservation policy templates that allow IT to retain control of complex preservation policy rules, while giving legal teams a simple, intuitive tool for adding and managing holds.
A day in the life of a file
In one of the more detailed sessions of the day, Riley Bruce, lead systems trainer at Code42, took us on an adventurous look at exactly how a file is backed up, stored, and then restored by Code42. Riley went deep into all the meticulous details that you’ve always wondered about—or, perhaps, never even considered. Things like how Code42 prioritizes backups, focusing on new files first—because the file you’re working on right this second is generally more important than the file you haven’t touched in weeks or months. And how our advanced deduplication at the source isn’t designed just to minimize storage; it’s built to store data in smarter ways to make restores faster. As in, up to nine times faster than other deduplication methods.
Why is all of this detail so important? Because, as Riley said so well, “Backup isn’t always the ‘what,’ but it’s always the ‘how.’” Our purpose-built backup process is the foundation for the wide range of uses cases of our endpoint backup solution, from backup and restore, to data migration, to legal hold and more. It always starts with backup.
Hard lessons of building an insider threat program
Code42 Director of Security Jadee Hanson has a unique perspective on creating an insider threat program. Her past includes leading the ground-up development of Target’s insider threat program, which just happened to coincide with Target closing its entire Canadian operations, laying off more than 4,000 employees. “People did crazy things,” Jadee said. Her fledgling insider threat program struggled to keep track of this huge number of high-risk departing employees, see which ones were exfiltrating data, and attempt to stop them before it hurt Target.
The audience was fascinated by her anecdotes and lessons from this trial-by-fire experience. Never be surprised by how willingly and openly departing employees will take files and data. Make sure you’re prepared to handle the uncomfortable role of policing your colleagues—and work to find a balance between security and trust, lest your insider threat program sink employee productivity and morale at the same time.
Jadee finished with four keys to building an insider threat program:
- Plan before you start putting technology in place. Make sure you have your risks, goals and processes identified before anything else.
- Partnerships are critical. Insider threat programs aren’t 100 percent IT or InfoSecurity. You need buy-in from human resources, employee relations and legal teams to effectively act on your insider threat alerts.
- Start SMALL with monitoring. To avoid alert fatigue, start by focusing on a few high-risk user profiles: employees on performance plans, employees that have submitted their notice, and employees moving data to cloud storage.
- Consistently follow incident response protocol. Once you’ve culled your alerts to a manageable start, make sure you’re diligent about following up on every alert. Don’t let data slip through the cracks here and there; any incident could end up having dramatic impact.
Code42 transforming data migrations
Another rapidly growing use case for Code42 endpoint backup: managing and streamlining the constant pain of device migration. Fahad Ansari, principal architect at Code42, set the stage with some frustrating statistics on the high costs most organizations are constantly paying for cumbersome, high-touch device migration processes. After a quick overview of how Code42 can enable a completely new way of handling migrations—giving users their devices back in minutes, allowing user-driven migrations and greatly increasing data security and privacy—Fahad handed the mic to Ben Molesworth and Michael Pham from Qualcomm to talk about a real-world example of this transformative migration process.
Ben and Michael are part of the team that oversees device refresh for Qualcomm’s 14,000+ devices. With their old, IT-heavy process, users were stuck without their deices for the entire six- to eight-hour migration. Now, leveraging Code42 to streamline the process, migrations average just one hour. Both data and user settings are automatically transferred. Remote employees execute self-migrations on their own schedules. “We think it’s realistic to say we give our employees at least three hours back,” said Michael, “They feel empowered; they can do it all themselves.” At the same time, IT is free of scheduling nightmares and tedious migration workflows, so they can focus on high-level initiatives and more complex issues.
The two also shared some of the challenges they faces as they completely transformed how device migrations happen in an immense enterprise environment: the roadblocks, difficulties gaining buy-in from key stakeholders, hiccups along the way and how they’re still refining the new process. The dramatic increase in end-user satisfaction—and the hours of time they’ve regained—makes it clear that all the work was worth it.
Day two doesn’t slow down
Day Two of Evolution17 has plenty in store. Check back for a recap of our keynotes from Jad Abumrad of Radiolab and Brian Krebs, one of the most recognizable names in information security.