Best of the Code42 Blog November 2018

The Best of the Blog: December 2018

Catch up on the best stories from the Code42 blog that you might have missed in December. Here’s a roundup of the highlights.

Tips From the Trenches: Threat-Hunting Weapons: Defensive tools are essential for any cybersecurity team. But to take your security to the next level, it’s time to go on offense. Learn how proactive threat hunting can improve the effectiveness of any security program.

It’s Time to Rethink DLP: Three of the five most common data loss incidents involve insiders. Today’s idea-focused organizations need to keep their valuable IP safe, but the prevention-only focus of their legacy DLP solutions no longer matches their needs. Learn how Code42 Next-Gen DLP protects all data without hampering employee productivity.

Product Spotlight: Saved Searches: Most organizations have “crown jewels” —data that makes or breaks the business. Learn how to quickly — and repeatedly — find where these crucial files exist in your organization with the new saved searches feature of Code42 Next-Gen DLP

2018: The Year in Review at Code42: It has been an eventful year for Code42. Catch up on all the new ways Code42 can help you protect your data.

The-Year-in-Review-at-Code42

2018: The Year in Review at Code42

The end of the year is always a great time for reflection. The last 12 months have been especially eventful for Code42. This year, the Code42 product grew and evolved in significant ways. We made product enhancements and introduced more tools to gather actionable intelligence about data risk. Most importantly, we added capabilities that paved the way for our biggest product yet: Code42 Next-Gen Data Loss Protection. We couldn’t have brought this exciting new solution to life without the foundational features unveiled throughout 2018. Here’s a look back at the highlights.

Code42 Forensic File Search

In April, we launched Code42 Forensic File Search, which now forms the core investigation capabilities of Code42 Next-Gen Data Loss Protection. By collecting file metadata and events from endpoints and making them searchable via the cloud, Code42 Forensic File Search enables security teams to get comprehensive answers to challenging security questions in seconds versus days or weeks.

Code42 Forensic File Search expands into cloud services

Our September release included several more enhancements, both big and small. We extended the capabilities of Code42 Forensic File Search so security teams can search for files by SHA256 hash and across cloud services, including Microsoft OneDrive and Google Drive. These capabilities truly unified and broadened the investigation capabilities of Code42 Next-Gen Data Loss Protection, providing full visibility to where corporate files live and move.

With the ability to search file activity in the cloud, IT and security teams are now able to more quickly see what files are shared and with whom; how and when files are added to cloud services; and what files a departing employee accessed, shared, downloaded or transferred before resigning. To further strengthen this capability in 2019, we’ll continue to expand across other cloud services.

With our November release, we added even more improvements to Code42’s investigation and monitoring capabilities. File Exfiltration Detection support was introduced for Mac devices, which now detects files being sent to Slack, FileZilla, FTP and cURL. To make it even easier to keep track of the most critical files, we also rolled out the ability to save search queries.

Code42 customers embraced cloud architectures

Meanwhile, customers told us their cloud strategies were changing. Companies who had originally chosen on-premises and hybrid deployment models were ready to fully embrace the benefits of cloud. We set out to deliver a secure and seamless way for our customers to move to cloud without needing to re-deploy or lose their historical data. This fall, we were proud to deliver a migration path that enables customers to deploy in the cloud in a couple of hours, without any user downtime or data loss. We’ve already had many customers upgrade to the cloud in order to eliminate on-premises hardware and take advantage of all the newest Code42 functionality. If you are a Code42 customer interested in moving to a cloud deployment, contact your CSM today to learn more.

“ Code42 Next-Gen Data Loss Protection takes a fundamentally different approach to protecting corporate data. ”

Next-gen data loss protection

In October, we brought all of our core capabilities together into a single holistic solution and unveiled Code42 Next-Gen Data Loss Protection. We heard from our customers and the market that while traditional data loss prevention (DLP) solutions sound good in concept, they’re failing to live up to their potential in several key ways. Most companies are only using a fraction of the capabilities of their traditional DLP solutions. Security teams describe using traditional DLP as “painful.” Deployments of these tools can take months or years, because proper setup requires an extensive data classification process, and refining DLP policies to fit unique users is complex and iterative. To make the situation even more challenging, traditional DLP blocks employees from getting their work done with rigid data restrictions that interfere with productivity and collaboration.

Most importantly, traditional DLP solutions are narrowly focused on prevention — and business and security leaders now recognize that prevention alone does not work. Data loss will happen. Being able to protect a business from data loss and quickly recover from an incident is more important than the constant efforts needed to prevent an attack from happening — especially when, in the end, prevention fails.

Code42 Next-Gen Data Loss Protection takes a fundamentally different approach to protecting corporate data. Unlike traditional DLP, it does not require policies, which has multiple benefits. The solution deploys in days instead of months; it is not resource-intensive to manage; and it doesn’t burden administrators with false positives. Most importantly, it doesn’t drain user productivity with rigid restrictions on data use.

Code42 Next-Gen Data Loss Protection is cloud-native and preserves every version of every file on every endpoint, forever. It monitors file activity across all endpoints and an ever-expanding list of cloud services. As a result, it provides unified visibility to where files live and move as well as access to the contents of files involved in data security investigations. Code42 Next-Gen Data Loss Protection preserves current and historical endpoint files for rapid content retrieval and investigation, as well as to help meet regulatory requirements.

To achieve these benefits, Code42 Next-Gen DLP leverages five key capabilities:

  • Collection: Automatically collects and stores every version of every file across all endpoints, and indexes all file activity across endpoints and cloud. 
  • Monitoring: Helps identify file exfiltration, providing visibility into files being moved by users to external hard drives, or shared via cloud services, including Microsoft OneDrive and Google Drive.
  • Investigation: Helps quickly triage and prioritize data threats by searching file activity across all endpoints and cloud services in seconds, even when endpoints are offline; and rapidly retrieves actual files — one file, multiple files or all files on a device — to determine the sensitivity of data at risk.
  • Preservation: Allows configuration to retain files for any number of employees, for as long as the files are needed to satisfy data retention requirements related to compliance or litigation.
  • Recovery: Enables rapid retrieval of one file, multiple files or all files on a device even when the device is offline, or in the event files are deleted, corrupted or ransomed.

It’s been a big year for Code42, and with the launch of Code42 Next-Gen Data Loss Protection, next year will be even bigger. Thanks for taking this trip down memory lane with us and see you in 2019!

Code42 Learning for Life

At Code42, We Embrace Learning as Part of Life

As human beings, we are constantly learning. While we work, we’re constantly getting better at our job skills and becoming more knowledgeable in our field. But we also learn from our experiences at work — how we interact with one another and our environment. Learning on the job is inevitable. Employers that embrace that fact and support their employees’ learning journey can help them develop faster and with more confidence.

At Code42, learning is a core part of our culture. This fall, we embraced that by launching a two-month program called “Learning for Life.” Our mission was to highlight the programs, resources and brilliant minds at Code42 through internal education sessions, keynote speakers and opportunities to learn something new. We encouraged curiosity and expanded perspectives for the amazing lifelong learners we are fortunate to employ. We were quite happy to hear the reactions of those who participated in the program:

“ Our mission was to highlight the programs, resources and brilliant minds at Code42 through internal education sessions, keynote speakers and opportunities to learn something new. ”

“I enjoyed the variety of topics and that Code42 was intentionally planning content for this program,” said participant Eileen Potter. “This made me think about the ways I am continually learning. While I’ve always done that in my career, it’s really nice to have an employer actively supporting me with a learning culture.”

“I loved having the chance to hear from a variety of people throughout the company,” said attendee Beth Bornhoeft. “As someone who’s relatively new to the Code42, I felt like this was a chance to get a crash course in institutional knowledge. I found myself with a ton of takeaways that I can use in my job.”

As part of an incredibly dynamic tech industry, we at Code42 are committed to providing learning opportunities that are critical to our success and that of our employees. We know that, in order to remain competitive in the ever-changing market, we need to create an environment that is nimble, agile and flexible to keep pace. That means developing learning and training opportunities that support the personal and professional development of our people.

We believe that a learning mindset is a conscious choice on how to approach work and life. If we cultivate an environment that encourages trial and error as well as resilience and growth, we have a formula for success.

#BeCode42

Diversity is the Answer to the Cybersecurity Talent Shortage

Anyone in the cybersecurity profession understands that organizations are facing a severe shortage of skills in virtually every aspect of information security.

In October, (ISC)², an international nonprofit association of cybersecurity professionals, released its latest Cybersecurity Workforce Study, which found that the cybersecurity workforce gap has increased to more than 2.9 million globally. About two-thirds of those surveyed (63 percent) report that their organizations have a shortage of IT staff dedicated to cybersecurity, and 48 percent said their organizations plan to increase cybersecurity staffing over the next 12 months.

For anyone looking to fill open positions in security programs, those are discouraging numbers. And there are no clear signs that the situation will get better any time soon.

“ Those who embrace diversity now will have a distinct advantage over those who are slower to realize its benefits. ”

Greater diversity can help

The good news is there are things we can do to ease the talent shortage, including bringing more women into the cybersecurity field.

Perhaps one of the more positive findings in the (ISC)² report was that there is a younger workforce and greater representation of women in the study. Women now represent 24 percent of the cybersecurity workforce surveyed, compared with 11 percent from previous studies.

In the cybersecurity world today, we are facing some of the same threats that we faced a decade ago, albeit with new packaging. A variety of viewpoints informed by different backgrounds and experiences will allow the security industry to take new approaches to identify and solve today’s most challenging and persistent threats. These need to include not only more women, but also people of varying ethnicities, countries of origin, ages and other factors.

How to implement diversity

There are steps we can take to increase workforce diversity, and they start before an employee is even hired.

One peer I recently spoke with shared that her organization reviews all job postings for gender-biased language. For example, security practitioners love to use the word “ninja,” as it speaks to precision and accuracy. However, it’s also a word that conjures up images of conflict and danger that may be less appealing to female candidates. Reviewing your job posting for language that may unconsciously favor one gender in the first step to attracting diverse candidates.

Another key is to create programs within your organization that promote diversity and inclusion. This isn’t a particularly progressive stance to take today — it’s simply table stakes. People in the workforce today want to be able to bring their authentic selves to their jobs. If job seekers and employees of all backgrounds believe they won’t be welcome in your organization, they’ll look for work elsewhere.

Mentorship programs within companies are also powerful tools. Through these programs, women working in security professions can provide guidance and encouragement to others in the company or those in the community showing an interest in cybersecurity.

Another initiative is to work with youth organizations to create more awareness about opportunities for women in technology fields in general and in cybersecurity specifically.

For example, Code42 has been partnering with the Girl Scouts for two years on events focused on fostering an interest in technology.

Last year, we hosted “Think Like a Programmer,” an event at which girls worked to earn badges related to Science, Technology, Engineering and Math (STEM). This year, they had an opportunity to work on a new Cybersecurity badge. The purpose of the program is to help girls understand not only the basics of programming, but also that there is a spot for them in cybersecurity.

Events such as these offer an opportunity for girls to meet, talk with and learn from women in the field of technology at Code42; create forums for dialogue about the advantages of STEM; encourage women to pursue careers in high technology by celebrating accomplished female leaders and role models; and bring more awareness to women in technology.

Organizations can also look to recruit diverse candidates who are working in completely different areas to join security teams, if they have skills that apply. For example, someone with a strong background in technology or analytics might have the ability to learn about large, complex systems, and could understand the logic behind how those systems work and their vulnerabilities.

Security executives such as CISOs need to work closely with human resources to recruit a broad array of talent that could make the security team stronger. It’s only a matter of time before this field will be truly diverse, but those who embrace diversity now will have a distinct advantage over those who are slower to realize its benefits.

Product Spotlight: Saved Searches

A Simple Way to Streamline Investigations

While every organization wants to protect its data, some files are more critical than others. You need to know where these “crown jewels” exist in your organization, and you don’t want to reinvent the wheel every time you need to find them. Fortunately, Code42 Next-Gen Data Loss Protection (DLP) can help you quickly and accurately locate these files — and save your search criteria so you can easily find them again in the future.

Code42 Next-Gen DLP protects your intellectual property from loss, leak, misuse and theft by showing you where critical files live and move. With Code42 Next-Gen DLP, you can quickly search for data using file hash, date range, type, filepath and more — to get a complete inventory of where important files reside on your endpoints and cloud services.

For example, suppose your organization has “secret sauce recipes” that are vital to your company’s success. These critical files should only be accessible to select employees — but how can you verify that is indeed the case? You can use Code42 Next-Gen DLP to see if your company’s secret sauce recipes are saved anywhere they shouldn’t be. Simply use Code42’s investigation capabilities to search for the SHA256 hashes of your most critical files.

Once you’ve built a search to identify the location of those special files, you can save the search criteria so you can quickly re-run a search in the future. These saved searches can be named and edited as needed. Saved searches pre-populate queries so that routine searches can be run more frequently.

Keeping your crown jewels safe is at the heart of a good data loss protection strategy. And now, Code42 makes this even easier using saved searches.

At Nasdaq with Pledge 1%

A few years ago, Code42 President and CEO Joe Payne laid out his vision for how Code42 could leave a greater, deeper mark in our communities. In fact, one of our corporate values is to leave the world a better place.

Part of this commitment included joining Pledge 1%, a non-profit organization that started a global movement to encourage companies to integrate giving back into the core of their business. To help celebrate Pledge 1%’s four-year anniversary, we recently joined them in New York along with other member companies to ring the bell at the Nasdaq. It was quite a thrill to be there among a group of some the world’s most innovative companies and talk about social responsibility and how we can do more to give back.

Pledge 1%’s representative said, “We’re ringing the bell to honor all of our Pledge 1% member companies who have gone public already, as well as our Pledge 1% members who will undoubtedly ring the bell in the future.”

Code42 at Nasdaq with Pledge 1%

More information on Code42’s corporate philanthropy program can be found here.

Best of the Code42 Blog November 2018

The Best of the Blog: November 2018

Catch up on the best stories from the Code42 blog that you might have missed in November. Here’s a roundup of highlights:

How Next-Gen DLP is Helping Code42 Customers Today: Learn how IP-driven, employee-focused companies are using the capabilities of Code42 Next-Gen DLP to protect their organizations from data loss, leak, misuse and theft.

Tips From the Trenches: Enhancing Phishing Response Investigations: The only thing better than having the best security tools is when they work together. Learn how combining Code42’s investigation features with a SOAR tool leads to streamlined phishing response investigations.

Security Must Enable People, Not Restrain Them: Instead of deploying processes that are overly restrictive for end users, learn how security teams can become enabling forces in their organizations — while still protecting critical data.

Gene Kim on DevOps, Part 3: DevSecOps and Why it’s More Important Than Ever (Video): DevOps has been a revolution in software development, and Gene Kim has been one of its most influential backers. In the third part of our video series, hear Gene Kim discuss what the development model means for security. Miss the first two videos? Catch them at the end of this post.

Code42 Extra Life

Code42 Raises Over $13,000 for Children’s Miracle Network

This month, gamers of all kinds at Code42 participated in Extra Life, an annual charitable event during which participants pledge to take part in marathon gaming sessions, stream their efforts online, and solicit donations from friends and family. Most Extra Life teams play for 24 hours straight, but our team went above and beyond — this year we extended our Extra Life marathon to 42 consecutive hours to pay homage to our company name. It was a tough two days, but definitely worth it, as the money raised is for a good cause. “Staying up all night gaming with coworkers who are united by a great cause to help a local hospital make sick kids’ lives a bit better — now that’s a great combination,” said player Brian Sweet.

“ The excitement and enthusiasm that goes into participating in Extra Life is magical. I look forward to it all year long. I hope we can continue to raise the bar each year and make that impact bigger! ”

As of this writing, Team Code42 has raised $13,290 for Gillette Children’s Specialty Healthcare and other Children’s Miracle Network (CMN) hospitals — an increase of more than 30 percent over last year’s event. All donations from Extra Life go directly to the CMN hospitals, including our local CMN location, Gillette Children’s Specialty Healthcare. As a Minneapolis-based company, we are particularly excited to help a Twin Cities-based hospital, as giving back to our community is an important part of our company culture.

“Children’s Miracle Network hospitals do amazing work and save lives every day,” said participant Joseph Bozarth. “It means a lot to help them help even more children. It was also a great opportunity to get to know a lot of my coworkers better as we gamed together for a good cause.”

Taking advantage of our Volunteer Time Off program, which grants every Code42 employee two days per year to use for volunteer opportunities, our team of around 50 players spread out across several gaming waves to keep the experience fresh and exciting for the entire 42-hour event. A small crew of primarily Xbox One players kicked off the event on Thursday afternoon, another wave started Thursday evening and a third wave joined in Friday morning to take the team through to Saturday. Throughout the entire event, a separate group provided color commentary (and comedy) for the stream. If you were watching, you might have seen a frenzied match of Rocket League with two burly men in the corner talking about their beard grooming tips. 

Several games were streamed over the course of the event, including For Honor, Rocket League, Call of Duty: Black Ops 4, Dungeons & Dragons and many more. A few special events during the marathon grabbed company-wide attention, such as when members of the Code42 executive team competed against each other in Mario Kart (Senior Vice President of Research, Development and Operations Rob Juncker was the undisputed winner). Another highlight of the event was Rock Band 4, which was set up in the lunchroom for anyone in the company to play. You could hear the sounds of people singing Journey songs throughout the office.

“The excitement and enthusiasm that goes into participating in Extra Life is magical,” said Team Code42 member Tim Putnam. “I look forward to it all year long. I hope we can continue to raise the bar each year and make that impact bigger!”

We want to sincerely thank everyone who donated to our Extra Life event. If you meant to donate but didn’t get to it, there’s still time. To make a safe and easy online donation to a member of our team, click on the “Roster” tab and then on a participant’s name. Your donation is tax-deductible and will make miracles happen for families who desperately need them.

Thank you so much for supporting our team’s efforts!

How-Next-Gen-DLP-is-helping-Code42-customers-today

How Next-Gen DLP Is Helping Code42 Customers Today

Since we announced the Code42 Next-Gen Data Loss Protection (Next-Gen DLP) product last month, it has struck a chord with the prospects and industry analysts we’ve spoken to. It’s exciting to see, because we believe this is an important step beyond conventional data loss prevention technology.

With the introduction of our new product, Code42 is rewriting the paradigm for legacy data loss prevention — shifting the focus from prevention to protection. The Code42 Next-Gen DLP solution offers a simpler, quicker way to secure an organization’s endpoint and cloud data from loss, leak, misuse and theft. Unlike traditional DLP, this cloud-native solution safeguards every version of every file without complex policies and without blocking user productivity or collaboration.

“ Code42 is rewriting the paradigm for legacy data loss prevention — shifting the focus from prevention to protection. ”

The positive reception is no surprise to us. Code42 customers have been using the capabilities that make up Code42 Next-Gen DLP to secure their businesses from data threats for a long time. Here are some of their stories:

Full control of IP — even when employees leave

One of our customers is a global advertising and communications firm. Like many professional services businesses, they need to ensure that proprietary information stays inside the organization to maintain its competitive position and client trust. Backed by Code42’s solution, their organization has visibility into where files are moving and who has access to what information, protecting the company from stolen data — especially when employees leave the company. “It can be a huge hit to your reputation if you lose data specific to a client or project,” the infrastructure project manager said. “Code42 gives us an unalterable snapshot of every single record — which means we’re always protected.”

GDPR compliance with mobile workers

Marel is another customer that has put Code42 to work inside their organization. They are a food processing machinery company based in Iceland. Like many global companies, Marel must comply with the EU’s new General Data Protection Regulation (GDPR), which strengthens personal data protection for business customers.

With Europe as one of its top markets, Marel needed a way to proactively protect and secure data stored on employee devices. “Our sales and service force use laptops heavily so they can work more efficiently while they’re traveling,” said Rob Janssen, manager of global infrastructure and QRC at Marel. “Likewise, managers also work from different locations. In the past their documents, which may contain sensitive data, were not always immediately synced back to the central storage solutions.”

Code42 continuously backs up every version of every file in real time, enabling Marel to comply with key GDPR data protection, recovery and notification requirements. Marel can easily meet GDPR rules requiring companies to report the extent of any personal data breach within 72 hours. The company can recover all files, including data that’s been deleted or maliciously encrypted. The ability to search through archives allows Janssen to determine what files were on a device at a given date and time, what users had access to those files, and what content, including personal information, was housed within those files.

“In the event of a data breach, Code42 helps us assess our exposure by giving us full visibility into every file on every laptop,” Janssen said. “We believe this is critical to complying with the GDPR. Of course, there is a strict process to be followed in these cases.”

A legal hold process with teeth

Another company we count as our customer is MacDonald-Miller. Located in the Pacific Northwest, they are a full-service, design-build mechanical contractor. MacDonald-Miller’s unique value proposition includes designing and blueprinting buildings, and then sending in a full team of plumbers, electricians and sheet metal workers to work on the build. With all that valuable design IP to protect, having an effective legal hold process is critical.

“Prior to Code42, our legal hold process was very vague,” said MacDonald-Miller Network Administrator Chad Tracy. “HR or IT had to find the user’s computer and manually try to search through documents, pictures and Excel files to see what may or may not have been on the user’s computer at the time of termination.”

Now, with Code42, MacDonald-Miller can use a portal to set up a legal hold for users and then monitor whether they’re copying documents on their personal drives.

“We had a pretty high-profile gentleman leaving the company,” said Eddie Anderson, a help desk support agent at MacDonald-Miller. “Through that portal, we were able to monitor his file history and found out 90 gigs of sales opportunities and other critical data had left to the network onto his external drive. Before Code42, there was no way of ever knowing that was happening.”

50,000 customers and counting

Code42 Next-Gen DLP is built from a combination of products that are part of the company’s award-winning data security portfolio, including Code42 Forensic File Search, File Exfiltration Detection, Legal Hold and Backup + Restore. Today, more than 50,000 customers are using capabilities that are part of the Code42 Next-Gen DLP solution.

If you’re a Code42 customer with a tale of success that you’d like to share, let us know. We look forward to including you in a future post!


Baylor University Fast-Tracks Its Windows 10 Migration with Code42

Baylor University Fast-Tracks Its Windows 10 Migration

In order to quickly gain the benefits of Windows 10, Baylor University has been fast-tracking its migration across 8,000 PCs through a strategically scheduled process that effectively handles user settings and profiles. With that many devices on campus needing to be migrated to Windows 10, Baylor University’s IT team knew it had its work cut out for it. Baylor University recently joined Code42 for a webinar detailing their Windows 10 migration journey.

“We realized that there was a need to make the process a little bit smoother, a little bit faster,” said Mike Gonzales, assistant director of system support at Baylor University. “That’s when we started working on getting things scripted to give us the ability to migrate in a faster, more automated, consistent fashion.”

“ The quicker you can get them in and out of the office so they can get back to their day, the easier an experience it is for them. The goal is to leave them in a better position than when they first started. ”

Baylor University’s migration process

One of the first steps in Baylor’s process was to ensure that the IT team could encrypt and back up their devices on pace with the speed of the Windows 10 release cadence.

Once that was established, the team decided to roll out the migration with a testing phase. After they got comfortable with the process, they were then able to migrate larger numbers of devices. They started with the devices that would have the least impact and complexity — in their case desktop computers that didn’t have third-party encrypted software installed.

It was important to keep the migration process moving along because extended support for Windows 7 ends in January 2020. So they strategically scheduled a certain number of migrations per month to meet that deadline.

Creating a consistent, scalable process has been critical for Baylor University. The goal of their process was to ensure that all users had the same positive migration experience and that the IT team could successfully and quickly migrate a large number of devices.

A quick and easy experience for users

By integrating Microsoft’s User State Migration Tool (USMT) with Code42, Baylor’s IT team developed a script that automatically recreated a user’s profile and settings so that after the migration, the device was as familiar to users as it had been previously.

“When end users log in, they see their desktop background of their kids and that’s a really good user experience,” said Brad Hodges, senior analyst programmer at Baylor.

Using cloud-based technology such as InTune or Autopilot in combination with Code42 has helped with consistency and efficiency. The team can set up 32 machines to migrate concurrently in the installation area.

Because it’s moving from Windows 7 to Windows 10, Baylor University is using a wipe-and-reload process so as not to leave behind any legacy and incompatibility issues. The process has been efficient, consistent and reliable.

“It’s a huge change for our people to go from 7 to 10,” said Gonzales. “The quicker you can get them in and out of the office so they can get back to their day, the easier an experience it is for them. The goal is to leave them in a better position than when they first started.”

Up next for Baylor University

Now that they have refined their process and made it scalable, the IT team members have been making plans to extend their migration process to their Mac devices. They are also working on a project to create a self-service model for out-of-the-box devices. Based on the new model, users can unbox their device, log in and simply run a script to configure their new device with the same settings and profiles of their previous computer.

Facebook Twitter Google LinkedIn YouTube