42 Seconds with a Code42 Customer: Lehigh University

Code42 provides your business with a variety of data security benefits, including increased productivity, risk mitigation, streamlined user workflows, and more–all in a single product that’s been proven to ultimately save you money. While Code42 has a few primary use cases–backup and recovery, device migration, etc.–we’ve learned that our different customers use Code42 in different ways. To explore how customers use our product, we recently partnered with the talented team at creative agency Crash+Sues to create a series of animated videos featuring the voices and likenesses of actual Code42 users.

In our latest video, Naazer Ashraf, senior computing consultant at Lehigh University, explains why they rely on Code42 over sync and share products for data backup and restore. As one of the nation’s premier research universities, Lehigh’s faculty are known for their excellence in research. Obviously, data is extremely important (and valuable) to researchers, so imagine the reaction when one researcher deleted files from Google Drive to save space–and discovered that doing so wiped the files for 10 other researchers. Naazer tells the story in just 42 seconds. Check it out below.

Forrester Offers Five Best Practices for Ransomware Protection

Ransomware has reared its ugly head again, this time bearing the name Bad Rabbit. According to analysts at Crowdstrike, Bad Rabbit shares 67 percent of the same code as NotPetya, meaning this variant may actually be the work of the same threat actor. Bad Rabbit marks the third major ransomware outbreak in 2017. With WannaCry, NotPetya, and now Bad Rabbit, the public is more aware of ransomware than ever. However, awareness is not enough to protect your organization, your employees, and your files. With every outbreak, we come to realize that prevention is never foolproof, and faster detection only gets you so far. What matters most is the speed in which you can respond and bounce back when disruptions like ransomware strike. Forrester has assembled a guide in the proper response to ransomware in the report “Ransomware Protection: Five Best Practices.” Key takeaways of the report include:

  • Avoiding a ransom payment is possible
  • Preventing ransomware doesn’t require new security investments
  • Focus on your core security needs

In addition, consider these important tips that will also help you amp up your speed of response to ransomware attacks:

The human element of ransomware doesn’t get enough attention.

Laptops and desktops are hit by ransomware most often for a simple reason: they’re operated by users. Your employees are moving fast to create the ideas that make the business run, meaning they are prime targets for threat actors. Plus, cybercriminals are getting more and more sophisticated. They’ve optimized ransomware’s “user experience” to increase the odds that a victim falls prey and inevitably pays up.

Don’t blame humans for being human.

Don’t just give them the tools and training to know the dangers, but also the tools to always bounce back when they’ve made an error. Humans will make mistakes. It’s the role of IT and security teams to minimize the disruption and impact of those mistakes, get the idea engine – your employees – back up and running, so the business keeps moving forward.

Protection requires a renewed focus on IT and security basics.

It’s these basics that Forrester analysts Chris Sherman and Salvatore Schiano discuss in detail in the Forrester report. Read “Ransomware Protection: Five Best Practices” today to learn how to minimize business disruption when ransomware strikes.

Protect Your Data from Insider Threats with Code42

Code42 provides your business with a variety of benefits, including increased productivity, risk mitigation, streamlined user workflows, and more – all in a single product that’s been proven to ultimately save you money. Recently, Code42 launched Security Center, a new suite of tools to help you spot suspicious data use behaviors in your workforce – and respond to them if necessary. There’s a big reason why we added this feature – the facts show that 89 percent of corporate data loss involves the actions of an insider.

We recently partnered with the talented team at creative agency Crash+Sues to create a series of videos about the core features of Code42. This most recent video focuses on an all-too common scenario in which an employee decides to steal valuable data from his employer. Unfortunately for him, this company has Code42’s Security Center.

Take a look today for an illustration of how Code42 and Security Center can help keep your enterprise’s data safe from insider threats.

Welcome Aboard to our 2018 Interns!

Two offices. 1,678 applicants. 21 new summer interns.

Code42 recently welcomed a new class of summer interns, and we couldn’t be more excited to have them join us for the summer. The 21 young people who make up the 2018 summer intern class are unique, brilliant and valued members of our team.

At Code42, our internship program is built around three guiding principles: To provide interns with real-world professional experiences; to build meaningful connections that last a lifetime; and to receive real-time feedback, evaluation and mentoring.

“I have been looking forward to this internship since I received the offer in December,” said product design intern Stephanie Zapuchlak. “I came in with high expectations and somehow Code42 and my wonderful team have blown those expectations out of the water. Not only am I working on real-life projects that I can add to my portfolio, but I also have acquired a second family in my team.

“I also was fortunate enough to help with the User Experience Professionals Association event, where I networked with other UX professionals from around Minnesota. I beamed with pride as my team spoke passionately about product design while on the panel. 10/10 internship!”

“ I came in with high expectations and somehow Code42 and my wonderful team have blown those expectations out of the water. ”

Over the course of their 13 weeks with us, our interns will be totally immersed in our culture and get a chance to live out our Code42 values. Our interns will also participate in a “#code42coffeeconnections” social media challenge, attend a night of baseball with their managers and mentors, and use their Volunteer Time Off (VTO) days to give back to the community and leave the world a better place.

During their time at Code42, the interns will also have the opportunity to join our executive team during weekly “Lunch and Learn” sessions, giving them a unique opportunity to learn from our senior leaders in a small group setting. Additionally, interns are involved in their team’s day-to-day projects, helping achieve team goals and metrics. This type of responsibility and real-world experience is truly where the program’s value can be found and what will make their experiences unforgettable. We are proud to play a critical part in helping these talented students build the lifelong skills they need for a successful career.

“ While I received a solid foundation at school, I was craving a challenge and exposure to real-world problems and applications. I got exactly what I hoped for! ”

“Prior to my internship with Code42, my experience was limited to my computer science courses,” said development intern Jack Hysell. “While I received a solid foundation at school, I was craving a challenge and exposure to real-world problems and applications. I got exactly what I hoped for! In just the few short weeks that I have been here, I have worked with internal APIs, implemented JUnit tests, and delved into Spring Boot applications. Perhaps the greatest part of this experience has been my team interactions. I’m not treated like an intern. My mentor and colleagues assign real problems, and encourage me to provide input. While it can be terrifying at first, full immersion is truly the best approach. I am definitely a different developer than I was three weeks ago, and I can’t wait to see where I am at the end of this experience!”

Congratulations interns, welcome to the team!

Cryptominers: The New Top Threat to Your Endpoints

Ransomware has been dominating headlines recently. In 2017, ransomware broke into the popular conscious, thanks to high-profile attacks like WannaCry and NotPetya. However, ransomware is no longer the top cybersecurity threat. According to the Comodo Cybersecurity Threat Research Labs’ Q1 Global Malware Report, ransomware has been replaced as the top cyber threat by cryptomining software, with 10 percent of malware incidents in the first three months of 2018 related to cryptomining.

There’s no “one size fits all” solution to deal with cryptominers. However, with data-level visibility into all file activity on your endpoint devices, you can locate and remediate cryptominer infections.

A paralyzing threat that’s hard to see

Cryptominers hijack resources from the owner of a device for the attacker’s profit. On a single machine, cryptominers may cause a performance drain, but it can be subtle enough to go unnoticed by a user. However, cryptominers don’t typically infect just one machine; attackers more commonly deploy botnets of infected systems working in tandem to make their money off of your equipment–and potentially your customers. One system vulnerability is invariably linked to many others, which means your whole network could potentially be exposed to further exploits and other cybercriminals.

In addition to exposing your customers to risk, a widespread cryptominer infection can cause an enterprise-wide resource drain that can also have real effects on productivity. Cryptomining also comes with huge energy costs. A big spike in your electricity bill is one of the surest signs of illicit cryptomining in your enterprise. 

Locating cryptominers can be tricky. Some variants are scripts embedded in websites that can be addressed with ad-blocking software. Others (which tend to target large enterprises) aren’t as easy to deal with. More sophisticated miners are often hidden within image files on compromised web servers. When users visit a compromised site or click an email link, the cryptomining tools attempt to plant the malicious image files on their machines.

Rooting out cryptomining software

If you have a data visibility tool that can search across your organization’s endpoints for specific files and file metadata, you can locate malware in your organization. In the case of cryptominers, using a forensic file search tool to search for javascripts associated with known cryptomining tools can tell you where those scripts exist. Once located, the infected endpoints can simply be deleted. In the case of more serious infections, the machine can be reverted back to a point before infection with your endpoint backup solution. 

Cryptomining software is one of the more challenging malware categories to deal with because there are so many varieties in existence. And, because the impact on an individual machine may be minimal, it is tempting to just ignore the problem. But, according to Malware Bytes, “unmanaged cryptocurrency miners could seriously disrupt business or infrastructure-critical processes by overloading systems to the point where they become unresponsive and shut down.” With comprehensive visibility into the data and metadata in your organization, you can more quickly identify and respond to cryptominers when you first suspect infection.

Accelerating Incident Response with Forensic File Search

A streamlined incident response process depends on collaboration between security and IT teams. However, in many organizations, these teams often work in silos, with separate technologies, priorities and resources. With Code42 Forensic File Search, security and IT teams can come together with a unified incident response process.

By submitting this form, you agree to Code42’s Privacy Policy.

The Data Security Sandwich: A Recipe for Innovation

Big Data is one of the most overused buzzwords of the decade. The reality is that you know there’s huge potential value in your data. You’re collecting more than you know what to do with. The real challenge is finding or developing tools to extract that value and achieve that potential.

The ultimate data security sandwich

One of our new customers recently asked me why we combined our Code42 Backup + Restore and Code42 Forensic File Search solutions into a single agent. To me, it’s like explaining the appeal of the sandwich: You’ve got great bread. You’ve got great meat. You’ve got great cheese. Sure, you could enjoy them separately; but putting them together creates something far better.

Think about the data sitting on your users’ endpoints. Code42 Backup + Restore takes all that data and—through the magic of comprehensive backup and speedy restore—gives you the ability to support data protection, ensure business continuity and drive business resiliency. Code42 Forensic File Search takes that same data and gives you complete visibility. You can understand what your data looks like—how it’s created, where it lives and how it moves. You can understand its value—and track the movement of that value. You can further support data protection and compliance, while speeding and simplifying recovery and remediation.

Sure, you can use one product without the other—but then you’re not making the most of your users’ data.

A recipe for innovation

There’s probably no food item that has seen more variation and innovation than the sandwich. Likewise, (as always) our customers are much smarter than we are, and they’re already finding smart new ways to innovate by combining our two products:

  • Improving backup and simplifying data classification: Organizations keep looking for ways to understand the value of the ideas and files in their organization, get visibility into where they are stored, and find ways to classify data types and usage. With Code42 Forensic File Search, this classification becomes a lot easier. Today, we’re seeing organizations that have expanded their usage of Code42 with Code42 Forensic File Search ask questions about what files are not in their backups, and they are then using our scripts via APIs to add them. In addition, the query capabilities of Code42 Forensic File Search make it much easier to classify the value of data based on the type of intellectual property they are creating. Clearer visibility makes life easier.
  • Implementing data privacy and achieving GDPR compliance: By the time this blog goes live, GDPR will officially be in effect—can you believe it? A realistic view of data is the core of being able to respond and comply with GDPR. Organizations are already looking to use Code42 Forensic File Search to meet the GDPR’s “right to be forgotten” mandate—ensuring they can find files on their network and eliminate them—as well as ensuring compliance with the “business need” to collect information. In a world where we continue to see file decentralization, having a single lens to find files across an organization and systematically eliminate them is the only way to ensure an organization has successfully eliminated private information of customers.
  • Stronger security: Code42 Forensic File Search is being used for everything—and I mean everything—under the sun. The other day I learned that one of our customers was getting the MD5 hashes of new malware on a scheduled basis, and then looking across their organization for these new hashes as they were added to AV feeds, so they could ensure no existing instances existed. Quite creative! But here’s an even better example of how these two tools are better together: Code42 customers have already instrumented the Code42 Forensic File Search capabilities back into their Backup + Restore solution—and tied them to the Restore APIs as well. These organizations have taken the alerts fired from detection capabilities, pulled those back into SIEM systems, and created secure incidents in IT Service Management (ITSM) systems. They’ve added Code42 to the workflow to identify infected machines using Code42 Forensic File Search, and then used Code42 restore capabilities to pull the suspect file into a sandbox environment for a security researcher to examine. Now that’s synergistic value.

Aligning the needs of your business and your users

One last story on how companies are viewing the combined value of these two solutions: Last week, while talking with a very progressive CISO, he stopped me and said, “Rob, if I’m going to monitor my users more, I’d like to give them value back.” He explained that while Code42 Forensic File Search was his primary use case, his IT team decided to purchase the Code42 Backup + Restore capabilities too because “we wanted to give the users something back” for the visibility they gave to IT. It was a great sentiment, and his users responded with excitement. His users get the peace of mind of working continuously, without fear of losing their work or their data—and he and his team get the visibility they need to secure their business.

Are you making the most of your users’ data?

If you’re like me, all this sandwich talk means an early lunch. But before you go, ask yourself a simple question: Are you making the most of your users’ endpoint data? Or are you leaving some of that potential value unrealized?

Accelerating Incident Response with Forensic File Search

A streamlined incident response process depends on collaboration between security and IT teams. However, in many organizations, these teams often work in silos, with separate technologies, priorities and resources. With Code42 Forensic File Search, security and IT teams can come together with a unified incident response process.

By submitting this form, you agree to Code42’s Privacy Policy.

Five Steps to Disarming Ransomware Attacks

You have 48 hours to send two Bitcoins to the address below or your data will be erased. Do not contact the authorities.

If you’ve seen this notice, you know the fear induced by a ransomware attack. And if you haven’t, there’s a good chance you soon will. In 2017, the number of ransomware assaults grew 250 percent in the first quarter alone, causing millions of dollars in lost productivity and lost data. Today, ransomware remains one of the top cyber threats to enterprises. Why? Here are 10 factors that make ransomware irresistible to cybercriminals—and five steps to disarming attacks.

  1. Ransomware tools are becoming more sophisticated: From malware that flies under the AV radar to brute force attacks, hackers are constantly getting better at getting in. Better encryption makes it all but impossible for victims to unlock their files without paying for the key.
  2. Phishing, sadly, still works: Phishing attacks have been going on for 30 years now, so users must be experts at spotting them by now, right? Wrong. Phishing attacks are still effective, and employees may assume that IT and security teams are keeping them safe from phishing attacks.
  3. The most vulnerable attack vector is unprotected: Without a comprehensive endpoint backup solution, an organization’s laptops and desktops are unprotected. And yet, the Code42 CTRL-Z study revealed that IT decision makers believe that 60 percent of corporate information lives on users’ laptops. If executives know this, so do cybercriminals.
  4. Human behavior creates risk: Your policies say that employees must back up their data to a shared server to keep it safe from endpoint attacks. Unfortunately, employees aren’t following your protocol, leaving endpoint data—which is more than half of enterprise data—unprotected.
  5. Anyone can launch a ransomware attack: Following the trend of the legitimate software industry, Ransomware-as-a-Service (RaaS) takes ransomware accessibility to a new level. People with little technical expertise can “rent” ransomware and create their own phishing emails.
  6. Cryptocurrency makes money laundering easy: To a cybercriminal, the risky part of ransomware is direct interaction with a victim to obtain payment. But the emergence of cryptocurrencies removes much of this risk, creating a digital layer of anonymity between the victim and extortionist.
  7. Attacks target the enterprise: Cybercriminals are increasingly targeting those most likely to pay, and businesses are the ideal targets. They have valuable data they can’t afford to lose and a lot more cash on hand than individual targets.
  8. Once in an organization, ransomware spreads quickly: It only takes one employee to spread an infected file throughout your organization. Your employees are sharing thousands of files with each other every day. Cloud collaboration platforms make file sharing easier than ever, but platforms with automatic sync can actually spread ransomware, syncing infected files to the shared cloud and exposing others.
  9. Prevention is nearly impossible: The number of cybercriminals, combined with the sprawling attack surface, make prevention virtually impossible. More importantly, preventive AV products can’t stop human error. Bigger walls and stronger locks do nothing if your employees are willingly or unintentionally handing over the keys.
  10. Paying the ransom fuels the demand: As long as victims keep paying the ransom, money will continue to pour into the growing black market for ransomware and fuel the increasing sophistication of these exploits. More money, more hackers, more attacks and higher ransoms­­–these are the real costs of paying the ransom.

Break the cycle: focus on the data

The 10 items above paint a bleak picture, but the antidote to ransomware is actually quite simple: Shift the focus from those trying to steal data to the data they’re trying to steal. By focusing on ensuring all data is collected and protected, the enterprise can enable a swift, clean recovery from ransomware and fight it at its source. Here are five quick tips to disarm ransomware:

  1. Collect and protect the data: Truly comprehensive enterprise data protection includes covering data where it lives—on the endpoint. The solution can’t rely on user behavior, and it can’t slow down user productivity because employees will work around it. The solution must be automatic, continuous and frictionless to give IT certainty that every user, every device, every file and every version is covered.
  2. If ransomware hits, have no fear: With all laptop and desktop data continuously backed up, ransomware ceases to be scary. The enterprise has the tools in place to execute an efficient, successful recovery.
  3. Make the clean, quick restore: Comprehensive endpoint data protection turns restore from a costly, weeks-long affair into a quick, push-button task. IT simply rolls back to the last known good state to conduct bulk file restores or allows users to perform a self-service restore.
  4. Never pay the ransom: With quick and comprehensive data restores, the enterprise can laugh at ransom demands.
  5. Feel proudyou’re doing your part: With the tools in place to take the ransom out of ransomware, the enterprise community can cut off the cash flow and begin to shut down the ransomware market.

The Seven Keys to Successful Windows 10 Migrations

With Windows 7 reaching the end of extended support in 2020, the pressure to move users to Windows 10 will continue to increase over the next two years. Many organizations are fast-tracking the migration to take advantage of the notable improvements in Windows 10, such as improved security and better enterprise-level performance. If they haven’t already, all businesses need to plan for the end-of-support dates for older Windows platforms. The good news: the move to Windows 10 should prove easier than the painful migration from Windows XP that most businesses experienced a few years ago. But tech refresh and data migration projects are always a headache. Careful planning is the key. Here are seven items to consider before making the switch.

  1. Can your infrastructure support Windows 10? It seems obvious, but you need to start your planning by making sure all technology is compatible. Check the hardware, software and applications against Windows 10 specifications. If you discover aging technology that’s not compatible with Windows 10, it’s probably time to replace those machines. This is also a good time to conduct application rationalization—update core applications and eliminate unnecessary or redundant applications to support consistency across your users.
  2. Will you migrate gradually—or in bulk? Successful migration planning starts with an up-to-date picture of your device landscape. First, determine the breakdown of the devices in your organizations. What is the mix of desktops versus laptops? What is the breakdown of operating systems in your organization? You also need to consider your “natural” refresh timeline—will this allow gradual migration as old devices are replaced?
  3. How will you strategically schedule migration phases? With a well-considered schedule, you can reduce the burden on both users and IT. Determine if migration phases will be based on department, physical location, device type or other criteria. Determine migration times that minimize productivity impacts for each specific user group. Engage users in migration scheduling to help minimize the IT burden of missed and rescheduled appointments.
  4. Is endpoint data backed up? Are you sure? Many companies end up losing data during a tech refresh/data migration project. There are a few ways to reduce the risks of this happening. Don’t rely on user-driven backup (i.e., requiring users to back up endpoint data to an external server), as users can be unpredictable and error-prone. Don’t substitute cloud collaboration platforms for endpoint backup, as they fail to capture all endpoint data and can expose data to security threats. Do ensure automatic, continuous backup of all endpoint data—whether executing an in-place or wipe-and-reload migration. Finally, make sure to enable continuous data access for users while their primary device is migrated. Keeping the data on employee devices protected during migration can be critical to your business. According to upcoming research from Code42, security and IT leaders estimate that 39 percent of their organization’s data is held exclusively on endpoint devices. What would happen to your business if such a large percentage of corporate data was lost?
  5. How are you handling user settings and profiles? When people buy a new phone, their apps and settings migrate seamlessly to their new device. They expect the same with their laptop at work. Users get back to work faster when device settings and user profiles—the things that allow users to work the way they want to—carry over to their new machine. For a Windows 10 migration, leverage the Microsoft User State Migration Tool (USMT) to save and transfer user profiles and settings. Make sure your endpoint data backup integrates with USMT to back up user profiles and settings. Ensure the reload includes user profiles, eliminating the user and/or IT burden of reconfiguring settings.
  6. Will you deploy an in-place or wipe-and-reload migration? Choose the option that’s best for your organization. An in-place migration can be faster and easier on IT resources, but it may limit enabling the full suite of Windows 10 security features and may not be suitable for devices nearing the end of their life cycle. This user-driven approach is also prone to user error. A wipe-and-reload migration remains the best path to enabling all Windows 10 security features and can minimize post-migration IT costs. It can, however, result in data loss if it’s not paired with automatic endpoint backup. This method is also typically slower and more expensive than the in-place option.
  7. How scalable is your migration plan? Assess where your organization fits on this spectrum today—and where you’d like to be. Consider technologies that can help you move toward the next level. One-to-one migrations, where IT works individually with each user, place a heavy burden on IT. The process is slow and increases IT costs. One-to-many migrations—classroom-style, where IT migrates several users at once—have a lighter touch, reduce scheduling issues and costs, and speed enterprise-wide migration projects. User-driven migrations have hardly any IT touch and offer the fastest path to migrations, as well as the most convenience for users and the smallest hit to productivity.

Answering these seven questions before starting a Windows 10 migration can greatly reduce the cost and disruption of your project. Not all of the answers will come easily, but there is little downside to rigorous preparation and a lot to gain. As the great Spanish writer Miguel De Cervantes said, “The man who is prepared has his battle half fought.”

GDPR May Not Apply to You. Follow it Anyway

I recently spoke at a small business event, and I asked for a show of hands for those governed by various common data privacy regulations (PCI, HIPAA, etc.). I saw giant smiles on the faces of those not raising their hands—a sense of relief for having avoided the extra discipline and effort that compliance requires. My advice to that relieved group: pick a data security regulation anyway—any one of them—and follow it.

With the GDPR deadline just days away, a lot of organizations in the U.S. are feeling like those lucky few small business owners, thrilled that they don’t fall under the new GDPR regulations. My advice: follow it anyway. Here’s why:

The U.S. will copy elements of GDPR—sooner than you think

The U.S. tends to follow rather than lead when it comes to data privacy regulations. If history repeats itself, U.S. regulators will follow the tenets of GDPR—and likely enhance it (read: make requirements more specific and stricter) based on how GDPR enforcements shake out in the coming months and years. By starting the process of achieving compliance today—before deadlines rush timelines—U.S. companies can take the time to make smart decisions, build future-proof strategies and spread the costs out over time.

U.S. consumers want GDPR-level privacy

We’re seeing a big change in public awareness of data privacy. Everyday people—not just data security pros and regulators—are tuning into the details of what data companies collect about them, and how that personal data is used. As consumers, we’re becoming aware of all the new and terrifying ways our privacy is up for sale. The headline example of this is the Facebook/Cambridge Analytica case. There’s huge value in showing your customers that you go above and beyond, and GDPR is centered on concepts that customers understand and love: consent and the “right to be forgotten.” Moreover, you definitely don’t want to look like you’re taking the easy way out at the expense of your customers’ privacy.

GDPR is good business practice

In board rooms around the country, CEOs are getting grilled on data privacy and data security. No company wants the same embarrassment, fines and costly brand damage that Facebook is enduring. The basic tenets of GDPR—privacy by design, privacy by default, etc.—aren’t really revolutionary. They’re now just best practice for any digital business.

Proactively adopting the tenets of GDPR forces a solution to the fact that most companies don’t have the data visibility needed to understand and implement next-generation data privacy. You need to consider all the vectors within your digital ecosystem—look at all the endpoints floating around your world, instead of just your networks and servers. And you can’t treat all data the same way. You have to be able to recognize your most valuable and sensitive data—and see where it lives and how it moves.

Of course, proactively going above and beyond to secure customer data is a big challenge, to say the least. But, I recently saw something on TV that looked like a much bigger hassle: Testifying in front of Congress. 

Cyber Threat Prevention at the Cost of Data Visibility Falls Short

As an industry, we’ve built some amazing technologies that provide defense in depth across our perimeters, networks and endpoints. We’ve created some pretty amazing tools that are able to analyze, correlate and process massive amounts of data that could indicate malicious activity. But it occurred to me that even with the most robust defenses in the world, our hyper focus on prevention and threat detection have caused us to lose sight of what it is we are defending. Our data–our intellectual property–is what drives our companies forward and provides valuable products or services to our customers.

Those of us that have been in the security space for any length of time have seen the threat landscape change rapidly. Security practitioners and the vendors that build tools to support them also have evolved dramatically. Security teams are building impressive layered defenses, as evidenced by the dramatic growth in the number security solution providers. I recently returned from the RSA Conference and, even though I’ve been going for over a decade, I’m still amazed every year by the number of new vendors that continue to pop up. There are now more than 1,600 security companies in the market, according to Zulfikar Ramzan, CTO of RSA Security. Ramzan also stated that one of RSA’s customers is using 84 different security vendors–yes, 84! He goes on to say that number really isn’t uncommon.

Don’t focus on threats at the expense of what’s being threatened: your data

All of these solutions do a pretty good job of understanding the particular threats they are focused on. They effectively work to detect, deny or disrupt those threats across your perimeter, inside your network or on your endpoints. But ironically enough, the tools themselves don’t have the needed visibility into what they are protecting.

And what they are protecting is the whole point: it’s the data–your company’s intellectual property, the very ideas that make your company valuable. Deloitte found that 80 percent of a company’s value is in its intellectual assets.

When it comes to protecting your data, knowledge is power

We need to do more than just stop as many threats as we can. We need to understand our data and recognize that it is the lifeblood of our companies. It is critical to know where our data is, who has it, where it is moving to and from and exactly what information is moving. No matter how complex our security posture is (and possibly because of that complexity) threats will always get through. So, we need to include data-level visibility in our security planning and tool portfolio. Data-level visibility gives us proper insight into exactly what is happening with our data, so we can be smarter about protecting it. This visibility will be a powerful complement to the rest of our security toolsets, helping to more easily detect, investigate and rapidly recover from malicious incidents.

Knowledge is power. Knowing exactly where the most important information lives and moves is a critical step in fully protecting the most valuable assets we have: our ideas.

Forrester’s Mitigating Insider Threats: The Security Playbook

By submitting this form, you agree to Code42’s Privacy Policy.

What If Ransomware Was Just an Annoyance Rather Than a Crisis?

Imagine this: despite a strong firewall, your department is attacked by the latest ransomware that locks up all your employees’ devices right in the middle of the day, effectively stopping work.

Fifty minutes later, every device is back up and running, employees are back to work, your phone has gone blessedly silent, and the package of Tums you keep in your desk drawer lays undisturbed. And…you haven’t paid the ransom.

It’s possible. Here’s how.

It’s not just ransomware itself that’s a threat to businesses; it’s the increasing pace at which it evolves into ever more powerful superbugs that infect systems and evade detection.

The knee-jerk reaction from some in the security space: try to keep up with ransomware’s mutations by evolving prevention faster than the threat. But that game does not end in a winning proposition. While you may be able to defend your most valuable servers, it’s not uncommon for the attacker to find their way in through your endpoints. Faced with this reality, many companies are now just paying off ransoms with cryptocurrency, a short-sighted solution that doesn’t always work and that only makes you the target for more ransomware attacks.

Here’s a better approach: Adapt your preventative defenses, but work in parallel to deploy a ransomware-proof recovery plan for all of your vulnerable devices—including every endpoint.

What does a ransomware-proof recovery plan for endpoints look like? Here’s a quick step-by-step guide:

  1. Take stock of every endpoint device in your organization.
  2. Back up the data on every endpoint device. The more frequently you back it up, the less data you are at risk of losing in a ransomware attack. Backing up every 15 minutes is best practice.
  3. Back up your endpoint data in a solution independent of your cloud collaboration software. Ransomware can infect shared folders and, in some cases, spread it to other devices even faster.
  4. Confirm that your backup storage is not susceptible to ransomware attack.

With this recovery approach in place, any endpoint device locked by ransomware can be unlocked by wiping the device and fully restoring the user’s data from your backup stores. With practice and a well-documented process, users can be up and working in less than an hour after a ransomware attack.

Good prevention tactics will help reduce the cost and disruption caused by ransomware, but won’t eliminate your risks. Enacting a recovery plan that accounts for every endpoint is the most important next step you can take to limit ransomware’s impact on your organization.

Forrester Research Ransomware Protection: Five Best Practices

The ransomware threat is not going away. In fact, the ransomware epidemic is only growing. But it is possible to keep your business and your data safe. Read the Forrester report to learn how.

By submitting this form, you agree to Code42’s Privacy Policy.

Preserve IT and User Productivity with DIY Windows 10 Migrations

Device migrations have always been an unpleasant fact of life for enterprise IT and are only becoming more frequent. With new devices, new operating systems, OS updates and more coming out multiple times a year, businesses are constantly moving users to the latest tech to keep them at the leading edge of productivity and security.

As of March 2018, Windows 10 was only being used by 39 percent of all Windows users. With Windows 7 reaching the end of extended support in 2020, the pressure to move users to Windows 10 will increase over the next two years. That means there are many, many device migration projects on the horizon for enterprise IT teams.

In order to maintain the highest possible amount of IT and end user productivity, organizations should consider shifting to a “DIY,” or employee-led, migration model.

One-to-one migrations don’t fit the digital enterprise

Whether you call them one-to-one migrations, IT-heavy migrations or white-glove treatment, the traditional approach to device migration can’t keep up with the increasing frequency of tech refresh projects in the typical enterprise.

  • Users lose hours–or days–of productivity: Most one-to-one migrations take several hours, if not days. That means users often lose an entire day of productivity. That’s annoying for the individual user, and the collective impact is immense in large-scale, enterprise-wide tech refresh projects.
  • IT is overwhelmed: For businesses in every industry, IT is shifting from acting as a necessary cost center to delivering a wide range of differentiating value. But when they’re forced to spend the bulk of their time on low-level tasks like one-to-one migrations, IT teams have less time for high-value projects.
  • Projects run on forever: A survey of Code42 customers found that the biggest challenge for migration projects delivered via traditional approaches was scheduling time with users. Flexible work schedules, increasing mobility and a growing remote workforce make scheduling one-to-one-migrations a nightmare. This is part of the reason that data migrations have an average time overrun of 41 percent.
  • They’re incredibly expensive: Businesses tend to think the cost of the technology itself is the big budget item in tech refresh. But IT costs are what lead 80 percent of data migrations to run over budget.
  • Valuable data falls through the cracks: Traditional device migration workflows lean heavily on manual user actions for data backup and restore. The result: One in three enterprise data migration projects experience significant data loss.

Moving to a DIY migration model

As device migrations come more frequently, the pain of the “old way” is becoming evident to IT and business leaders. Moreover, innovative businesses and industry analysts are demonstrating and quantifying the promise of a more scalable approach to device migration.

Imagine end users performing their own migrations in as little as 30 minutes, with no lost data. Consider the massive productivity savings for both users and IT when extended across an enterprise. The savings add up quickly, and both IT and end users are happier.

Learn more on Tuesday, May 15 at 1 p.m. CDT by attending the 30-minute webinar “Enabling a DIY Windows 10 Tech Refresh.” In the session, Product Marketing Manager Aimee Simpson will discuss how DIY device migration works, complete with a step-by-step walkthrough. She will also cover the successful migration project deployed at Qualcomm, the ROI of the DIY model for device migration and much more. Sign up for the webinar here.

Lesson From the Road: The Security and IT Partnership

Lesson From the Road: The Security and IT Partnership

The last two weeks have been filled with travel for me, and I’ve had many opportunities to talk with security practitioners about the realities they face on a daily basis.

At our Evolution customer conference and the RSA Conference in California, as well as at the CIO Perspectives event in New York City, I heard validation of something I’ve believed for a long time: Security continues to be democratized and is a shared responsibility of everyone. Now more than ever, having security and IT teams work together as partners is essential to ensure security alongside user freedom.

For example, I had the pleasure of being part of a panel discussing security challenges facing CIOs in today’s modern age at the CIO Perspectives event. There, I heard some common themes as I spoke with countless CIOs and CISOs:

  • No one has enough budget to fulfill the needs: We heard how CIOs and CISOs are looking at “two-fer” hires who bring an IT capability along with the ability to solve security controls, essentially functioning as members of both the security and IT teams.
  • No one has enough staff: IT and Security experts are in high demand and the skill gap is challenging. Often, CISOs are turning to IT experts to help implement policy and governance and validate compliance.
  • No one feels safe enough: In today’s world, IT experts know their users are under attack. Security experts know that “soft spots” exist in every organization and abating them presents a challenge.

Security and IT are separate disciplines, and yet CISOs are looking at ways to share resources between the two and, in some cases, find hires that can fulfill the responsibilities of both. Budget pressures aside, there’s perhaps an unconscious reason why technology leaders are exploring the overlap between security and IT: When these two teams work together, both security and IT are improved.

In many cases, security and IT teams don’t see eye-to-eye, which forces conflict over prioritizing investigations versus getting users back up and running when data security incidents strike. When security and IT are separate functions, they typically operate in silos, using different data sets to triage incidents. This results in duplication of work and wasted time validating each other’s findings. And, obviously, both teams are stretched thin and have difficulty accessing each other’s tools and data sets, leading to unneeded delays in investigation, response and recovery.

When using a common set of tools for incident response, critical information is gathered more quickly and accurately. At our Evolution customer conference, we announced new features and products to arm security and IT with the capabilities they need to accelerate incident response:

  • The new Code42 Cloud: fully cloud-native deployment of our capabilities, allowing customers to retain their encryption keys while having zero software on-premises.
  • The new Code42 Forensic File Search product: complete visibility into your data wherever it is in the world, at any time, with real-time results–even when endpoints are offline.

Code42 Forensic File Search is designed to quickly equip security and IT teams to answer the most probing security questions, reducing investigation times for cybersecurity incidents. It is our sincere hope that Code42 Forensic File Search can help move security and IT teams towards the partnership model that’s increasingly essential for today’s enterprise. With security now the responsibility of everyone in an organization, it is more critical than ever that the key players in incident response, security and IT, have the right tools to quickly, reliably and accurately gather information about data security incidents.

Facebook Twitter Google LinkedIn YouTube