Catch up on the best stories from the Code42 blog that you might have missed in December. Here’s a roundup of the highlights.
Tips From the Trenches: Threat-Hunting Weapons: Defensive tools are essential for any cybersecurity team. But to take your security to the next level, it’s time to go on offense. Learn how proactive threat hunting can improve the effectiveness of any security program.
It’s Time to Rethink DLP: Three of the five most common data loss incidents involve insiders. Today’s idea-focused organizations need to keep their valuable IP safe, but the prevention-only focus of their legacy DLP solutions no longer matches their needs. Learn how Code42 Next-Gen DLP protects all data without hampering employee productivity.
Product Spotlight: Saved Searches: Most organizations have “crown jewels” —data that makes or breaks the business. Learn how to quickly — and repeatedly — find where these crucial files exist in your organization with the new saved searches feature of Code42 Next-Gen DLP
The end of the year is always a great time for reflection. The last 12 months have been especially eventful for Code42. This year, the Code42 product grew and evolved in significant ways. We made product enhancements and introduced more tools to gather actionable intelligence about data risk. Most importantly, we added capabilities that paved the way for our biggest product yet: Code42 Next-Gen Data Loss Protection. We couldn’t have brought this exciting new solution to life without the foundational features unveiled throughout 2018. Here’s a look back at the highlights.
Code42 Forensic File Search
In April, we launched Code42 Forensic File Search, which now forms the core investigation capabilities of Code42 Next-Gen Data Loss Protection. By collecting file metadata and events from endpoints and making them searchable via the cloud, Code42 Forensic File Search enables security teams to get comprehensive answers to challenging security questions in seconds versus days or weeks.
Code42 Forensic File Search expands into cloud services
Our September release included several more enhancements, both big and small. We extended the capabilities of Code42 Forensic File Search so security teams can search for files by SHA256 hash and across cloud services, including Microsoft OneDrive and Google Drive. These capabilities truly unified and broadened the investigation capabilities of Code42 Next-Gen Data Loss Protection, providing full visibility to where corporate files live and move.
With the ability to search file activity in the cloud, IT and security teams are now able to more quickly see what files are shared and with whom; how and when files are added to cloud services; and what files a departing employee accessed, shared, downloaded or transferred before resigning. To further strengthen this capability in 2019, we’ll continue to expand across other cloud services.
With our November release, we added even more improvements to Code42’s investigation and monitoring capabilities. File Exfiltration Detection support was introduced for Mac devices, which now detects files being sent to Slack, FileZilla, FTP and cURL. To make it even easier to keep track of the most critical files, we also rolled out the ability to save search queries.
Code42 customers embraced cloud architectures
Meanwhile, customers told us their cloud strategies were changing. Companies who had originally chosen on-premises and hybrid deployment models were ready to fully embrace the benefits of cloud. We set out to deliver a secure and seamless way for our customers to move to cloud without needing to re-deploy or lose their historical data. This fall, we were proud to deliver a migration path that enables customers to deploy in the cloud in a couple of hours, without any user downtime or data loss. We’ve already had many customers upgrade to the cloud in order to eliminate on-premises hardware and take advantage of all the newest Code42 functionality. If you are a Code42 customer interested in moving to a cloud deployment, contact your CSM today to learn more.
“ Code42 Next-Gen Data Loss Protection takes a fundamentally different approach to protecting corporate data. ”
Next-gen data loss protection
In October, we brought all of our core capabilities together into a single holistic solution and unveiled Code42 Next-Gen Data Loss Protection. We heard from our customers and the market that while traditional data loss prevention (DLP) solutions sound good in concept, they’re failing to live up to their potential in several key ways. Most companies are only using a fraction of the capabilities of their traditional DLP solutions. Security teams describe using traditional DLP as “painful.” Deployments of these tools can take months or years, because proper setup requires an extensive data classification process, and refining DLP policies to fit unique users is complex and iterative. To make the situation even more challenging, traditional DLP blocks employees from getting their work done with rigid data restrictions that interfere with productivity and collaboration.
Most importantly, traditional DLP solutions are narrowly focused on prevention — and business and security leaders now recognize that prevention alone does not work. Data loss will happen. Being able to protect a business from data loss and quickly recover from an incident is more important than the constant efforts needed to prevent an attack from happening — especially when, in the end, prevention fails.
Code42 Next-Gen Data Loss Protection takes a fundamentally different approach to protecting corporate data. Unlike traditional DLP, it does not require policies, which has multiple benefits. The solution deploys in days instead of months; it is not resource-intensive to manage; and it doesn’t burden administrators with false positives. Most importantly, it doesn’t drain user productivity with rigid restrictions on data use.
Code42 Next-Gen Data Loss Protection is cloud-native and preserves every version of every file on every endpoint, forever. It monitors file activity across all endpoints and an ever-expanding list of cloud services. As a result, it provides unified visibility to where files live and move as well as access to the contents of files involved in data security investigations. Code42 Next-Gen Data Loss Protection preserves current and historical endpoint files for rapid content retrieval and investigation, as well as to help meet regulatory requirements.
To achieve these benefits, Code42 Next-Gen DLP leverages five key capabilities:
Collection: Automatically collects and stores every version of every file across all endpoints, and indexes all file activity across endpoints and cloud.
Monitoring: Helps identify file exfiltration, providing visibility into files being moved by users to external hard drives, or shared via cloud services, including Microsoft OneDrive and Google Drive.
Investigation: Helps quickly triage and prioritize data threats by searching file activity across all endpoints and cloud services in seconds, even when endpoints are offline; and rapidly retrieves actual files — one file, multiple files or all files on a device — to determine the sensitivity of data at risk.
Preservation: Allows configuration to retain files for any number of employees, for as long as the files are needed to satisfy data retention requirements related to compliance or litigation.
Recovery: Enables rapid retrieval of one file, multiple files or all files on a device even when the device is offline, or in the event files are deleted, corrupted or ransomed.
It’s been a big year for Code42, and with the launch of Code42 Next-Gen Data Loss Protection, next year will be even bigger. Thanks for taking this trip down memory lane with us and see you in 2019!
It’s Time to Rethink DLP
See how reframing DLP around protection rather than prevention delivers powerful benefits.
As human beings, we are constantly learning. While we work, we’re constantly getting better at our job skills and becoming more knowledgeable in our field. But we also learn from our experiences at work — how we interact with one another and our environment. Learning on the job is inevitable. Employers that embrace that fact and support their employees’ learning journey can help them develop faster and with more confidence.
At Code42, learning is a core part of our culture. This fall, we embraced that by launching a two-month program called “Learning for Life.” Our mission was to highlight the programs, resources and brilliant minds at Code42 through internal education sessions, keynote speakers and opportunities to learn something new. We encouraged curiosity and expanded perspectives for the amazing lifelong learners we are fortunate to employ. We were quite happy to hear the reactions of those who participated in the program:
“ Our mission was to highlight the programs, resources and brilliant minds at Code42 through internal education sessions, keynote speakers and opportunities to learn something new. ”
“I enjoyed the variety of topics and that Code42 was intentionally planning content for this program,” said participant Eileen Potter. “This made me think about the ways I am continually learning. While I’ve always done that in my career, it’s really nice to have an employer actively supporting me with a learning culture.”
“I loved having the chance to hear from a variety of people throughout the company,” said attendee Beth Bornhoeft. “As someone who’s relatively new to the Code42, I felt like this was a chance to get a crash course in institutional knowledge. I found myself with a ton of takeaways that I can use in my job.”
As part of an incredibly dynamic tech industry, we at Code42 are committed to providing learning opportunities that are critical to our success and that of our employees. We know that, in order to remain competitive in the ever-changing market, we need to create an environment that is nimble, agile and flexible to keep pace. That means developing learning and training opportunities that support the personal and professional development of our people.
We believe that a learning mindset is a conscious choice on how to approach work and life. If we cultivate an environment that encourages trial and error as well as resilience and growth, we have a formula for success.
A few years ago, Code42 President and CEO Joe Payne laid out his vision for how Code42 could leave a greater, deeper mark in our communities. In fact, one of our corporate values is to leave the world a better place.
Part of this commitment included joining Pledge 1%, a non-profit organization that started a global movement to encourage companies to integrate giving back into the core of their business. To help celebrate Pledge 1%’s four-year anniversary, we recently joined them in New York along with other member companies to ring the bell at the Nasdaq. It was quite a thrill to be there among a group of some the world’s most innovative companies and talk about social responsibility and how we can do more to give back.
Pledge 1%’s representative said, “We’re ringing the bell to honor all of our Pledge 1% member companies who have gone public already, as well as our Pledge 1% members who will undoubtedly ring the bell in the future.”
More information on Code42’s corporate philanthropy program can be found here.
Security Must Enable People, Not Restrain Them: Instead of deploying processes that are overly restrictive for end users, learn how security teams can become enabling forces in their organizations — while still protecting critical data.
This month, gamers of all kinds at Code42 participated in Extra Life, an annual charitable event during which participants pledge to take part in marathon gaming sessions, stream their efforts online, and solicit donations from friends and family. Most Extra Life teams play for 24 hours straight, but our team went above and beyond — this year we extended our Extra Life marathon to 42 consecutive hours to pay homage to our company name. It was a tough two days, but definitely worth it, as the money raised is for a good cause. “Staying up all night gaming with coworkers who are united by a great cause to help a local hospital make sick kids’ lives a bit better — now that’s a great combination,” said player Brian Sweet.
“ The excitement and enthusiasm that goes into participating in Extra Life is magical. I look forward to it all year long. I hope we can continue to raise the bar each year and make that impact bigger! ”
As of this writing, Team Code42 has raised $13,290 for Gillette Children’s Specialty Healthcare and other Children’s Miracle Network (CMN) hospitals — an increase of more than 30 percent over last year’s event. All donations from Extra Life go directly to the CMN hospitals, including our local CMN location, Gillette Children’s Specialty Healthcare. As a Minneapolis-based company, we are particularly excited to help a Twin Cities-based hospital, as giving back to our community is an important part of our company culture.
“Children’s Miracle Network hospitals do amazing work and save lives every day,” said participant Joseph Bozarth. “It means a lot to help them help even more children. It was also a great opportunity to get to know a lot of my coworkers better as we gamed together for a good cause.”
Taking advantage of our Volunteer Time Off program, which grants every Code42 employee two days per year to use for volunteer opportunities, our team of around 50 players spread out across several gaming waves to keep the experience fresh and exciting for the entire 42-hour event. A small crew of primarily Xbox One players kicked off the event on Thursday afternoon, another wave started Thursday evening and a third wave joined in Friday morning to take the team through to Saturday. Throughout the entire event, a separate group provided color commentary (and comedy) for the stream. If you were watching, you might have seen a frenzied match of Rocket League with two burly men in the corner talking about their beard grooming tips.
Several games were streamed over the course of the event, including For Honor, Rocket League, Call of Duty: Black Ops 4, Dungeons & Dragons and many more. A few special events during the marathon grabbed company-wide attention, such as when members of the Code42 executive team competed against each other in Mario Kart (Senior Vice President of Research, Development and Operations Rob Juncker was the undisputed winner). Another highlight of the event was Rock Band 4, which was set up in the lunchroom for anyone in the company to play. You could hear the sounds of people singing Journey songs throughout the office.
“The excitement and enthusiasm that goes into participating in Extra Life is magical,” said Team Code42 member Tim Putnam. “I look forward to it all year long. I hope we can continue to raise the bar each year and make that impact bigger!”
We want to sincerely thank everyone who donated to our Extra Life event. If you meant to donate but didn’t get to it, there’s still time. To make a safe and easy online donation to a member of our team, click on the “Roster” tab and then on a participant’s name. Your donation is tax-deductible and will make miracles happen for families who desperately need them.
Thank you so much for supporting our team’s efforts!
Tips From the Trenches: Searching Files in the Cloud File movement investigations require a complete picture of the whole environment. Learn how Code42’s security team locates and monitors files across endpoints and cloud services like Google Drive and Microsoft OneDrive.
Webinar: Policy-Free DLP
Join Code42 CISO Jadee Hanson, to learn how policy-free DLP can work for your organization.
Ineffective data security strategies are expensive. Whether it’s an IT team trying to save corrupted files or perform manual data storage tasks, an employee having to redo work because a file was irretrievably deleted, or lost sales due to stolen IP, the cost in time, productivity and revenue can add up fast.
Recent research by the Ponemon Institute found that the global average cost of a data breach is $3.86 million, and the average cost for each lost or stolen record containing sensitive information is $148. However, much of that lost productivity can be mitigated with a comprehensive data security strategy that includes effective backup, restore, user self-service and legal hold tools.
Case in point: MacDonald-Miller, a full-service, design-build mechanical contractor in the Pacific Northwest, has developed and implemented a multi-faceted data security strategy that uses Code42 to save time and safeguard valuable company IP. With more than 1,000 employees — many of them mobile workers moving around to different job sites — and 10 locations, it’s critical for MacDonald-Miller’s IT team to have the right tools in place to keep its diverse workforce at maximum productivity. They turned to Code42 to help.
Mitigating employee downtime
With a highly mobile workforce of contractors, foremen, electricians, plumbers and other workers at different job sites, maintaining productivity is critical. If blueprints or plans are lost throughout the day, that can result in expensive idle time.
“All of a sudden, they can’t work,” says Eddie Anderson, help desk support agent for MacDonald-Miller facility solutions. “That’s an expensive workforce to have on hand.”
Previously, restoring lost files was a highly manual, labor intensive process with a low success rate. Workers had to drive to the company’s central location in Seattle to have the IT team work on the problem.
“We’d have to dig through recycle bins, looking for previous versions,” says Chad Tracy, network administrator for MacDonald-Miller facility solutions. “If it really came down to it, we’d have to scan the hard drive to search for missing sectors of files.”
Now, with Code42 Backup + Restore, MacDonald-Miller is saving time on lost file incidents like this, freeing up IT to take on more strategic work.
“We’re saving an hour if not more per restore,” says Tracy. “We’re utilizing that time to really revamp a lot of our knowledge base articles, help users understand self-service, get into that culture mindset and give us creative freedom. We can now jump into things like augmented and virtual reality, which is helping us as a very powerful sales tool.”
Leveraging employee self-service
Because user sophistication varies across MacDonald-Miller’s 1,000-plus employee base, developing self-service tools for IT tasks can be a challenge.
“Our engineering team is very tech-savvy. Then we have electricians and plumbers who, quite frankly, would not like to use a computer ever,” says Anderson. “When we look at a solution for self-service, it needs to be able to hit all those different aspects of our company.”
Previously, when users needed to restore a file, the process was very hands-on and manual. They would call the IT service desk and the IT personnel would have to figure out whether they would need to drive in to the central location for hands-on support.
Now, with Code42, users are able to perform their own restores. This boosts workforce productivity for both the employee needing the restore and the IT department. One sales team member accidentally deleted a bid proposal right before a presentation. She was able to use Code42 to restore a previous version of the file on her own.
“One of the best parts was, IT didn’t even know about it until she came and told us,” says Anderson.
Protecting valuable IP
MacDonald-Miller’s unique value proposition includes designing and blueprinting buildings, and then sending in a full team of plumbers, electricians and sheet metal workers to work on the build. With all that valuable design IP to protect, having an effective legal hold process is critical.
“Prior to Code42, our legal hold process was very vague,” says Tracy. “HR or IT had to find the user’s computer and manually try to search through documents, pictures and Excel files to see what may or may not have been on the user’s computer at the time of termination.”
Now, with Code42, MacDonald-Miller can use a portal to set up a legal hold for users and then monitor whether they’re copying documents on their personal drives.
“We had a pretty high-profile gentleman leaving the company,” says Anderson. “Through that portal, we were able to monitor his file history and found out 90 gigs of sales opportunities and other critical data had left to the network onto his external drive. Before Code42, there was no way of ever knowing that was happening.”
The Risks to Intellectual Property Stored on Endpoints
Intellectual property (IP) is the engine that fuels business growth and can account for up to 80 percent of a company’s value. Today, most corporate IP lives on endpoints, outside of your corporate firewall. Are you protecting that data?
Code42 customer Schneider Electric is a global specialist in energy management and automation. The company helps its customers manage energy and processes in homes, commercial buildings, data centers and industries. With such a wide variety of projects in the organization, the company’s IT desk also faces a broad range of requests from employees. Fortunately, Schneider Electric is a Code42 customer, and the self-service features of the Code42 platform help keep minor tasks like device migrations and file restores from getting in the way of more pressing IT projects.
Schneider Electric Infrastructure Architect Brian Junker and Endpoint Solutions Senior Engineer Austin Joe recently spoke to us about how Code42 helps them preserve the productivity of both the IT team and end users.
In this video, they discuss how Code42’s self-service restore features remove the burden of file restores from IT:
In the second video, Brian and Austin discuss how those same self-service restore features are saving time in device migration and tech refresh projects — a task that traditionally eats up a lot of hours for both IT and the end user.
Best Practices in Device Migration: Two Scalable Strategies
Recently, a cohort of about 30 talented new Code42 hires spent a week with our leadership team, taking in their advice and wisdom. It was Experience Week, our quarterly cultural deep-dive that all new employees participate in within the first 90 to 180 days of their time with the company. Experience Week is a cross-functional, educational, and rewarding experience, and it’s always delivered by senior leaders at Code42.
“ New hires find their place to belong and are charged to make an impact at Code42. It is a powerful and unique experience that motivates and supports our employees. ”
During the week, executives share their experiences, talk about Code42’s values and give a bird’s eye view of the work their teams are doing to move our business forward. In addition, they share anecdotes about family life, hobbies and passions outside of work. Here are some of the snippets shared at our most recent Experience Week:
“Greatness is a choice. It’s being able to see things the way they could be,” said Mike Robbins, senior vice president of worldwide sales. “It’s not a function of circumstances. That’s not how greatness works. We need to choose it.”
“Working at Code42 doesn’t come with an instruction manual, it’s a chance to make an impact,” said Leslie Pendergrast, senior vice president of people. “It’s not a calm carousel ride, but instead a thrilling and exciting roller coaster.”
“As Mark Zuckerberg says, ‘If you’re not breaking stuff, you’re not moving fast enough,’” said senior vice president of research, development and operations Rob Juncker, as he charged the new hires to move fast and innovate.
Feedback from new hires that have gone through Experience Week affirm the personal value they place on the experience. “Every company should invest in their people like this,” said one attendee.
Here are some more thoughts from Experience Week attendees:
“Thank you for taking the time to invest in this for all new hires. I can’t tell you how far it goes to really indoctrinate us into the culture and heartbeat of the company. As a remote employee, it was even more invaluable.”
“I learned a ton about what it will take to succeed at Code42 and emerged really energized to break out of my comfort zone.”
“I was inspired to bring passion and commitment every day and be in charge of my own development.”
Education and connection
As much as Experience Week is about equipping new hires with the context they need to be successful at Code42, it’s equally about connection — connection to our culture and values, and most importantly, our people. By the end of Experience Week, our cohorts of new hires have close connections to 30 to 40 employees from all across the company.
These connections are formed in part by the entertaining evening activities that are part of Experience Week. In the past, these activities have included Iron Chef style cooking competitions, Amazing Race inspired scavenger hunts, Segway tours, escape rooms, Minnesota Twins baseball games and happy hours with executives.
Capstone experience: a personal manifesto
The action-packed week ends with every member of the new hire cohort sharing their personal manifesto. It’s their chance to present themselves to the company in a personal and creative way. The entire company is invited to watch the presentations and learn about who our new employees are, what drives them personally, and how they plan to make an impact on the organization going forward.
We are only as good as our people. Experience Week is an investment in our team members. New hires find their place to belong and are charged to make an impact at Code42. It is a powerful and unique experience that motivates and supports our employees with the context and connections they need to pursue peak performance, individually and collectively.
Are you a difference-maker? Join our team and maybe we’ll see you at our next Experience Week. code42.com/careers