Code42 Policy-Free DLP- It’s Time to Rethink Data Protection

It’s Time to Rethink DLP

As much as we may not like to talk about it, half of the major threats to the security of our corporate data come from the inside. That doesn’t mean that our employees are all malicious — insider threats can surface in many ways: user errors and accidents, lost or stolen devices, even hardware failures — and the list goes on. In fact, a report by International Data Group (IDC) showed that three of the top five most common high-value information incidents involve insiders.

Given this, it’s no surprise that for years, organizations have been using data loss prevention (DLP) solutions to try to prevent data loss incidents. The problem is that the prevention-first approach of legacy DLP solutions no longer meets the needs of today’s IP-rich, culturally progressive organizations, which thrive on mobility, collaboration and speed. The rigid “trust no one” policies of legacy DLP can block user productivity and are often riddled with exceptions and loopholes. For IT, legacy DLP solutions can be expensive to deploy and manage — and only protect selected subsets of files.

“ The prevention-first approach of legacy DLP solutions no longer meets the needs of today’s IP-rich, culturally progressive organizations, which thrive on mobility, collaboration and speed. ”

A fresh start

The prevention focus of traditional DLP forces a productivity trade-off that isn’t right for all companies — and isn’t successfully stopping data breaches. That’s why it’s time for organizations to rethink the very concept of DLP and shift their focus from prevention to protection. Next-generation data loss protection (next-gen DLP) enables security, IT and legal teams to more quickly and easily protect their organization’s data while fostering and maintaining the open and collaborative culture their employees need to get their work done.

Rather than enforcing strict prevention policies that block the day-to-day work of employees, next-gen DLP clears the way for innovation and collaboration by providing full visibility to where files live and move. This approach allows security and IT teams to monitor, detect and respond to suspicious file activity in near real-time.

Next-gen DLP benefits

This next-gen approach to data protection provides the following benefits:

Works without policies: Unlike legacy DLP solutions, next-gen DLP does not require policies — so there is no complex policy management. Because next-gen DLP automatically collects and stores every version of every file across all endpoints, there is no need to set policies around certain types of data. When data loss incidents strike, affected files are already collected, so security and IT teams can simply investigate, preserve and restore them with ease — whether the incident affected one file, multiple files or multiple devices.

Removes productivity blocks: Next-gen DLP enables employees to work without hindering productivity and collaboration. Workers are not slowed down by “prevention-first” policies that inevitably misdiagnose events and interfere with their ability to access and use data to do their work.

Lives in the cloud: As a cloud-native solution, next-gen DLP solutions are free from expensive and challenging hardware management, as well as the complex and costly modular architectures that are common with legacy DLP.

Deploys in days: Next-gen DLP solutions can be rapidly implemented, since the extensive time and effort required to create and refine legacy DLP policies is not needed. Since it works without policy requirements, next-gen DLP is also much easier to manage once deployed than legacy DLP. This is especially important for smaller organizations that can’t wait months or even years for a solution to be fully implemented.

Provides access to every file: While next-gen DLP doesn’t require blanket policies, security teams can still use it to observe and verify employee data use. For example, next-gen DLP can alert administrators when an unusually large number of files are transferred to removable media or cloud services. If the files have left the organization, next-gen DLP can see exactly what was taken and restore those files for rapid investigation and response.

By focusing on all files in an organization, next-gen DLP offers many additional benefits:

  • Visibility into file activity across endpoints and cloud services to speed security investigations. This differs from legacy DLP, which only provides a view of defined subset of data.
  • Fast retrieval of file contents and historical file versions to perform detailed analysis or recovery from data incidents. Legacy DLP solutions don’t collect the contents of files and thus can’t make them available for analysis or recovery.
  • Long-term file retention to help satisfy legal and compliance requirements as well as provide a complete data history for as long a time period as an organization requires. Again, legacy solutions don’t retain file contents and so aren’t able to provide this history.

A new paradigm for DLP

Next-gen DLP is a huge departure from legacy DLP solutions, but it’s a logical and necessary evolution of the category given the changing needs and work preferences of today’s IP-rich and culturally progressive organizations — small, mid-size and large.

Armed with a more discerning tool, organizations no longer have to lock down or block data access with restrictive policies. With full visibility into where every file lives and moves, security teams can collect, monitor, investigate, preserve and recover valuable company data in the event of a data loss incident.

Companies today are looking for better ways to protect their high-value data — while freeing knowledge workers to create the ideas that drive the business. By choosing to implement next-gen DLP, organizations will be able to keep their vital data protected without hindering productivity and innovation.

Code42 Next-Gen Data Loss Protection: What DLP Was Meant to Be

Malware and other external cyber threats get most of the headlines today. It’s not surprising, given the damage done to companies, industries and even countries by outside-in attacks on data. Despite that, insider threats — the risks of data being lost or stolen due to actions inside the company — are just as big a threat.

According to the 2018 Insider Threat Report by Cybersecurity Insiders, 90 percent of cybersecurity professionals feel vulnerable to insider threat. McKinsey’s Insider threat: The human element of cyberrisk reports that 50 percent of breaches involved insiders between 2012-2017.

“ By rethinking traditional DLP, you can know exactly where all your data is, how it is moving throughout your organization and when and how it leaves your organization — without complex policy management, lengthy deployments or blocks to your users’ productivity. ”

“The rise of insider threats is a significant threat to every business and one that is often overlooked,” said Jadee Hanson, Code42’s CISO. “While we all would like to think that employees’ intentions are good, we prepare for malicious actions taken by those from within our organizations. As external protection increases, we all should be concerned as to the influence external actors may have on those working for us and with us every day.”

Insider threats are a big deal, and traditional data loss prevention (DLP) solutions were developed to protect companies and their data from these internal events.

DLP hasn’t delivered

While traditional DLP solutions sound good in concept, most companies are only using a fraction of their capabilities. Security teams describe using these solutions as “painful.” Legacy DLP deployments take months or years, because proper setup requires an extensive data classification process, and refining DLP policies to fit unique users is complex and iterative. And after all that time, traditional DLP still blocks employees from getting their work done with rigid data restrictions that interfere with user productivity and collaboration. They also require on-site servers — counter to the growing business priority of moving solutions to the cloud.

Most importantly, legacy DLP solutions are focused on prevention. Business and security leaders now recognize that prevention alone is no longer enough. Mistakes happen, and data threats sometimes succeed. Being able to recover quickly from data loss incidents is just as important as trying to prevent them.

Rethink DLP

At Code42, we protect over 50,000 companies from internal threats to their data. This focus on protection has enabled us to see things differently, and develop an alternative to data loss prevention: data loss protection. We are excited to announce the new Code42 Next-Gen Data Loss Protection (Code42 Next-Gen DLP) solution that rethinks legacy DLP and protects data from loss without slowing down the business.

Code42 Next-Gen DLP is cloud-native and protects your cloud data as well as all of your endpoint data. It deploys in days instead of months, and provides a single, centralized view with five key capabilities:

  • Collection: Automatically collects and stores every version of every file across all endpoints, and indexes all file activity across endpoints and cloud. 
  • Monitoring: Helps identify file exfiltration, providing visibility into files being moved by users to external hard drives, or shared via cloud services, including Microsoft OneDrive and Google Drive.
  • Investigation: Helps quickly triage and prioritize data threats by searching file activity across all endpoints and cloud services in seconds, even when endpoints are offline; and rapidly retrieves actual files — one file, multiple files or all files on a device — to determine the sensitivity of data at risk.
  • Preservation: Allows configuration to retain files for any number of employees, for as long as the files are needed to satisfy data retention requirements related to compliance or litigation.
  • Recovery: Enables rapid retrieval of one file, multiple files or all files on a device even when the device is offline, or in the event files are deleted, corrupted or ransomed.

By rethinking traditional DLP, you can know exactly where all your data is, how it is moving throughout your organization and when and how it leaves your organization — without complex policy management, lengthy deployments or blocks to your users’ productivity. DLP can finally deliver on what it was originally created to do.

Code42 Forensic File Search: from Endpoints to the Cloud

Code42 Forensic File Search: From Endpoints to the Cloud

Think of your favorite bank heist movie. Ocean’s Eleven, The Italian Job, Die Hard — they all revolve around elaborate schemes to evade and overcome security: guards, metal detectors, badge and lock systems, and the imposing physical safe itself. It happens in real life, too. Thousands of bank robberies are reported to the FBI every year.

Now imagine you’re a bank manager and someone breaks into your safe. What’s one of the first things you’ll do? Look at your security camera footage. These recordings are the fastest and most reliable way to see what happened, who did it and what they took — so you don’t waste another precious minute while the thieves are making their getaway.

“ Now, we’re expanding the powerful investigation capabilities of Code42 Forensic File Search to follow your files into the cloud — starting with Microsoft OneDrive and Google Drive. ”

Code42 Forensic File Search: your cyber security camera

Today, organizations have a wide array of sophisticated cyber security tools designed to prevent and mitigate data loss. But any security pro who is being honest knows it’s a question of when a data breach will happen, not if. When a data loss event occurs, Code42 Forensic File Search is like a security camera for your entire digital environment. With Code42 Forensic File Search, you can “go to the tapes” to see exactly what happened, who was involved, what was taken and where it went. Code42 Forensic File Search is simply the quickest, most effective way to jumpstart your investigation efforts — so you can get your valuable assets back sooner.

Code42 Forensic File Search expands from endpoints to the cloud

We’re constantly looking for new ways to give businesses and security teams greater visibility to their data. We’ve pioneered capabilities that have brought unprecedented visibility to users’ endpoint devices. Now, we’re expanding the powerful investigation capabilities of Code42 Forensic File Search to follow your files into the cloud — starting with Microsoft OneDrive and Google Drive, and adding other leading cloud services platforms, like Box and Slack, in the near future.

Find any file, no matter where it lives — in seconds

As more and more enterprise workflows touch the cloud, there is a growing technology disconnect for security teams. There are tools that give them visibility to data that lives on-premises and on endpoint devices; and there are separate CASB tools that provide visibility to data that lives in cloud accounts. Code42 has bridged that gap by extending Code42 Forensic File Search to cover cloud services. That means you’ll now be able to use the product to easily and instantly search across your entire environment: your users’ endpoint devices and enterprise cloud accounts — whether users are online or offline.

You no longer need to spend weeks sifting through piles of data from multiple tools. Now you have a simple search bar that allows you to “go to the tapes” to find any file, no matter where it lives and moves — in seconds.

Better EDR and Threat Intel with Code42

The bright lights of Las Vegas are still flashing in my eyes after Black Hat 2018, and I observed a distinct trend: Data security technology vendors increasingly align themselves in one of two categories: threat intelligence or endpoint detection and response (EDR). The most common question I got at Black Hat 2018 was, “How does Code42 fit?” My answer is, quite simply, “Extremely well.”

Threat intelligence and EDR — where Code42 fits

It was easy to tell if you were at a threat intel or EDR vendor booth at Black Hat 2018:

  • The threat intelligence vendors wanted to talk to you about their orchestration framework, how many data feeds they pull in and their glitzy dashboards.
  • The EDR vendors showed you how easy it is to install their endpoint agent — and told you how they’ll alert your security team every time a hoodie-clad hacker in a basement runs exploits on your endpoints.

Code42 provides separate, complementary value to both threat intelligence and EDR solutions by applying a unique, historical file content and context perspective — as opposed to an action- or event-oriented perspective. Here’s why the combination of Code42 and threat intelligence and/or EDR is so powerful:

“ Code42 provides separate, complementary value to both threat intelligence and EDR solutions by applying a unique, historical file content and context perspective. ”

Code42 + threat intelligence

Let’s say your journey starts with a threat intelligence solution. You get an alert that a DNS request was initiated from a transient address in your Wi-Fi network to a newly registered domain or domain associated with known malware. How can you act on this alert?

Well, the threat intel report describes the domain in question as associated with a fake ad-blocker Chrome extension. That report also gives you the file name of the Chrome extension. You can then leverage Code42 Forensic File Search to search for that filename. In less than a second, you can build a unique list of all endpoints in your environment that have this undesirable Chrome extension. You can even sort these results and quickly find the first users to “fall” for the malware trick and give them additional training to help avoid this type of fire drill in the future.

Code42 + EDR

Imagine that an EDR solution sends an alert triggered by a maliciously crafted PDF document found on an endpoint. This suspicious file ran some arbitrary and potentially unknown code at an elevated privilege level. How would your organization react?

First, you may want to see who else has this same document. Using Code42 Forensic File Search, you could look for the checksum or filename of that questionable PDF. In less than a second, you have a complete list of your affected devices and users — whether they are online or not and without impact to the user’s machine or the network.

Now let’s say you want to examine the suspicious file — but the malicious payload deleted the PDF after execution. With Code42’s Backup + Restore  product, you could pull an archived copy and hand it to forensic investigators.

Providing deeper visibility and context

Threat intel and EDR solutions focus on identifying malicious activity or abnormal application behaviors on an endpoint. They’re really good at detecting things like a process attempting a privilege escalation or scanning memory to pilfer credentials. Alerts to these activities are valuable, but they give only one dimension of insight into a complex problem. Code42 is focused on a much bigger picture — providing comprehensive visibility into every action, movement and revision of every file — while simultaneously securing and preserving valuable digital assets. And our powerful search capability cuts through the noise to give you exactly the information you need without overwhelming you with data.

Our unique approach to providing visibility and ensuring availability means Code42 doesn’t fit neatly into a category created by industry analysts. But that doesn’t diminish its value. Rather, it affirms that the value of Code42 cuts across the entire data security stack, regardless of what you do, or what tools or vendors you may already be working with. In fact, Code42 Forensic File Search, coupled with Code42 Backup + Restore, provide a comprehensive, contextually rich and easily searchable service. Combined, they complement not only threat intel and EDR, but almost any other data security solution, providing clear, direct and authoritative results.

Cure for the Windows 10 Migration Migraine

Keep precious data safe during an enterprise-wide OS upgrade

One-to-one device migrations, when an IT worker spends hours migrating a device to the Windows 10 platform, aren’t fun for anyone. They drain IT’s time and money and render workers idle as they wait for their devices. More importantly, they put the company at risk for data loss.

Gartner estimates that enterprises using one-to-one migration processes for Windows 10 upgrades could spend up to $445 per device. For a large organization with 2,500 employees, that can add up to more than $1.1 million. And that’s not even counting the loss of productivity as workers wait to get their devices back from IT. Some remote employees may even need to ship their device back to headquarters for the migration, adding additional time and cost.

With 2018 shaping up to be a peak year for Windows 10 migration, how can companies avoid the cost and disruption of a large-scale institutional operating system upgrade? And how can they protect valuable company IP while doing it?

“ By using Code42’s migration solution, companies can save time and money while allowing users to control their experience. ”

Faster, easier, safer

Luckily, savvy companies are turning to user-driven migration for Windows 10. By using tools such as Code42, these organizations are making migrations more scalable and repeatable, cutting costs while keeping their data safe. Using Code42’s migration solution speeds the Windows 10 migration from three hours to 30 minutes on average.

Code42 recommends two different Windows 10 migration processes for companies, based on their needs:

  • Classroom-style migration. For organizations not ready to give up full control to users, this one-to-many process can provide a good interim step on the journey to automation. As its name suggests, in this process, IT hosts events during which multiple users bring their devices and perform the migration themselves, with IT walking them through the process. As in any classroom, if a single user has a specific issue come up during the session, the IT “teacher” can provide some one-to-one guidance while the other users are self-migrating.
  • User-driven migration. Organizations can largely eliminate IT involvement in the Windows 10 migration—the dream of many IT teams—by implementing a fully user-driven process. Using Code42’s migration solution, users simply follow instructions and get in touch with IT only when a specific issue comes up. This approach can speed migrations by 75 percent and leave IT more time to focus on critical issues. Users also benefit by remaining in control of their data and making the migration when it’s convenient for their schedules.

A migration tool that works

To make either of these options work requires the right tool: a simple, intuitive, user-friendly system. Code42 provides this through:

  • Automatic, continuous endpoint backup. Any backup solution that requires manual user activity is doomed to fail because not all users will follow the protocol. Implementing Code42 lays the foundation for a successful migration to Windows 10 because we back up every version of every file, every 15 minutes. No matter how reliable—or not—users are, their endpoint data will be safe.
  • Clear, simple instructions for users. Organizations typically have users who run the gamut of comfort with technology. Code42’s system is powerful enough to facilitate a complex migration like one from Windows 7 to Windows 10, but easy enough for even the least technically savvy employee to walk themselves through the process.
  • Access to data during migration. For certain high-profile users, not being able to access their data for even an hour during migration is unacceptable. Code42 makes it easy for users to access their most recently used files while the other files are migrating.
  • Migration of profiles and device settings. After the Windows 10 migration, users will be up and running more quickly if their device looks, feels and performs as it did before the migration. Code42 migrates device settings so users don’t have to spend precious time doing it themselves.

From dreaded to done

IT teams and users often dread the process and aftermath of an operating system upgrade. By using Code42’s migration solution, companies can save time and money while allowing users to control their experience. More critically, Code42 ensures the security of valuable endpoint data during the Windows 10 migration. IT can focus on more mission-critical tasks and users can continue doing their jobs.

Code42 Restores Files, Moods and Attitudes

Here’s a story you’ll probably recognize: Because there’s no sense reinventing the wheel, you use an existing file—for instance, an Excel file or PowerPoint presentation—as the starting point for a new project. As you transform that old file into something brilliant and new, you instinctively hit CTRL+S (because you don’t want to lose that work!)—and unintentionally overwrite the original file, destroying your previous (yet still valuable) work.

You may have also lived this story: You’re working diligently when an email or a webpage opens a pop-up. Thanks to clever trickery, the “OK” and “Cancel” buttons are renamed or the question is misleading, and you’re duped into the wrong click. Suddenly, you feel the heat from your computer as ransomware begins encrypting all your files.

Another painfully familiar tale: Your computer dies or is lost. A day later, your trusty IT team hands you a beautiful new one. This new computer is clean, pristine, fast and slick—but has none of your information on it.

The stages of data loss grief

I’ll bet everyone has experienced at least one of these disasters, so you also know the feelings of disbelief, rage, guilt and sadness that go with them. It’s a big deal! Your ideas are lost. Your data is gone. Your future productivity is marginalized as you scrounge around to find bits and pieces of your files and work.

“ We understand the value of your data; we understand the risk it constantly faces; and we understand the raw emotion of losing (and recovering) that value. ”

I know these feelings all too well. In fact, just last month, I ended up wiping out a presentation two days before I was due to take the stage as a keynote speaker. But it took me less than a minute to recover the file, because, not surprisingly, we here at Code42 have our agent deployed on every endpoint. This was just the latest, deeply personal reminder of why we do the work we do at Code42—why we work so tirelessly to protect your (and my) data. We understand the value of your data; we understand the risk it constantly faces; and we understand the raw emotion of losing (and recovering) that value.

Four big improvements make Code42 restores better than ever

In the last year, we’ve been focusing on updating our technologies to make your restore process even better. Here are four ways we’re taking data restores to a whole new level:

  • Speed: We know that the speed of a restore is at the heart of our solution. When you lose a file, every minute counts. In the last year, we’ve invested time in optimizing our technologies for the new file sizes we expect in 2018. For some of our customers, this has resulted in a 10x improvement in performance.
  • Push Restores: We’ve made a lot of changes to our technology and message queueing to make the push restores work much better. Ironically, modern computing sometimes works against us; computers have gotten so good at understanding their workload that they optimize for the operations they perform the most frequently. Statistically, the Code42 infrastructure does a lot more backups than restores—but those restores (your restores) need to be as fast as possible. We’ve re-trained our servers and message queuing to make sure that your restores are always our top priority.
  • Security: When you store as much data as we do at Code42, making sure it’s safe is absolutely critical. I was thinking about this recently during an internal security exercise. All customer data protected with Code42 is protected with the strongest possible data encryption both in transit and at rest. We continue to find ways to make your precious files even more secure.
  • Bulk Restores: Finally, we’ve done a lot to make sure that even if you are doing massive restores, they are still fast and easy. Whether it’s users recovering an entire machine in minutes, or organizations doing widespread device-to-device migrations (in case of an OS Migration or hardware refresh), we’ve minimized the time and the pain.

No matter how you use Code42, we take pride in taking those “much ado” moments and turning them into “nothing.” We love hearing that “Oh my gosh, thank you so much,” that comes from customers when they recover all of their lost files, and we’re proud to provide the technology that lets you do this for your users.

At Code42, we restore files, moods and attitudes.

Preserve IT and User Productivity with DIY Windows 10 Migrations

Device migrations have always been an unpleasant fact of life for enterprise IT and are only becoming more frequent. With new devices, new operating systems, OS updates and more coming out multiple times a year, businesses are constantly moving users to the latest tech to keep them at the leading edge of productivity and security.

As of March 2018, Windows 10 was only being used by 39 percent of all Windows users. With Windows 7 reaching the end of extended support in 2020, the pressure to move users to Windows 10 will increase over the next two years. That means there are many, many device migration projects on the horizon for enterprise IT teams.

In order to maintain the highest possible amount of IT and end user productivity, organizations should consider shifting to a “DIY,” or employee-led, migration model.

One-to-one migrations don’t fit the digital enterprise

Whether you call them one-to-one migrations, IT-heavy migrations or white-glove treatment, the traditional approach to device migration can’t keep up with the increasing frequency of tech refresh projects in the typical enterprise.

  • Users lose hours–or days–of productivity: Most one-to-one migrations take several hours, if not days. That means users often lose an entire day of productivity. That’s annoying for the individual user, and the collective impact is immense in large-scale, enterprise-wide tech refresh projects.
  • IT is overwhelmed: For businesses in every industry, IT is shifting from acting as a necessary cost center to delivering a wide range of differentiating value. But when they’re forced to spend the bulk of their time on low-level tasks like one-to-one migrations, IT teams have less time for high-value projects.
  • Projects run on forever: A survey of Code42 customers found that the biggest challenge for migration projects delivered via traditional approaches was scheduling time with users. Flexible work schedules, increasing mobility and a growing remote workforce make scheduling one-to-one-migrations a nightmare. This is part of the reason that data migrations have an average time overrun of 41 percent.
  • They’re incredibly expensive: Businesses tend to think the cost of the technology itself is the big budget item in tech refresh. But IT costs are what lead 80 percent of data migrations to run over budget.
  • Valuable data falls through the cracks: Traditional device migration workflows lean heavily on manual user actions for data backup and restore. The result: One in three enterprise data migration projects experience significant data loss.

Moving to a DIY migration model

As device migrations come more frequently, the pain of the “old way” is becoming evident to IT and business leaders. Moreover, innovative businesses and industry analysts are demonstrating and quantifying the promise of a more scalable approach to device migration.

Imagine end users performing their own migrations in as little as 30 minutes, with no lost data. Consider the massive productivity savings for both users and IT when extended across an enterprise. The savings add up quickly, and both IT and end users are happier.

Webinar: How to Accelerate Incident Response

If you had to pick one word to describe the information security landscape today, what would it be? For me it would be “speed.”

Everything is moving faster – the frequency of data breaches, ransomware mutation rates and the GDPR-driven reporting time limit for data incidents. Prevention is largely a race to try to stay one step ahead of the next threat.

But what about recovery? Incident response times are lengthening. The longer detection and remediation take, the higher the cost to the business and the larger the risk of a cyberattack expanding across the organization.

Join us for our on-demand webinar on how to accelerate incident response times. We’ve got some fresh ideas and unconventional solutions that we hope will help you improve your investigation processes and think “out of the box.”

In this webinar, we will discuss how companies can significantly improve their detection and response times by adopting a product like Code42 Forensic File Search.

This informative webinar will specifically cover how to utilize Code42 Forensic File Search to:

  • Quickly enable the multiple steps, teams and processes involved in investigating and responding to cyber threats;
  • Effectively and efficiently recover from data loss incidents, reducing response times from days and weeks to mere seconds; and
  • Continuously and silently report on file events and metadata across all endpoints for near real-time detection of threats – even when the endpoints are offline.

 

Every Idea Matters: Secure Them with Code42

At the most basic level, every business sprang from an idea. Every advancement, every cure, every game changer–they all started as a concept in someone’s mind. No matter the industry, ideas are the fuel that helps every one of our customers grow.

Every idea matters. It’s a simple concept, but one that guides us at Code42 as we secure our customers’ data–their ideas–wherever they live or move.

Case in point: This week we announced the Code42 Forensic File Search product, which helps security, IT and compliance teams dramatically reduce the time it takes to investigate, respond to and recover from data security incidents that threaten their valuable IP. Because it collects file metadata and events across all endpoints in an organization and makes them searchable via the cloud, you can cut incident response investigations from weeks and months to mere seconds.

Expanding security capabilities

While this new product is exciting in itself, it also marks an important expansion of our security capabilities for global enterprises. With Code42 Backup + Restore, you have access to complete file contents on any endpoint. Code42’s File Exfiltration Detection gives you visibility into departing employees moving files to external drives or cloud services. Code42 Forensic File Search provides you metadata from file activity. Together, these features offer you the greatest visibility yet into what’s happening to the valuable ideas on your organization’s endpoints.

Later this year, we’ll extend the same visibility to the data that lives on corporate cloud applications, including Microsoft OneDrive, Google Drive, Box and Slack. While the endpoint will continue to be relevant, and a key source of data exfiltration and infiltration, we know that in the next five years that much of the data on endpoints will move to the cloud. We intend to be at the forefront of this transition.

Every feature of the Code42 platform was designed with the same end goal in mind: to protect the valuable ideas fueling our customers’ growth. Our customers are changing the world with their ideas. It’s our job to keep those ideas safe. Because every idea matters.

Code42 Forensic File Search: Bringing “Night Vision” to Data Visibility

Code42 Forensic File Search: Bringing “Night Vision” to Data Visibility

The other day, while watching a show about modern warfare on The History Channel, I was struck by how technical advancements in modern warfare mirror the innovative leaps we have made in the battle of cybersecurity. In particular, the invention of night-vision goggles brought continuous visibility to the battlefield, changing warfare in two key ways:

  • It illuminated the dark corners: suddenly silent still actors would be seen as if they were fully illuminated; and
  • It enhanced the temporal dimension: what was traditionally a daytime activity became an around-the-clock battle.

Today, with the announcement of Code42 Forensic File Search, we’re happy to say that Code42 brings night vision to data security. We are enabling a new dimension of visibility—illuminating dark corners and creating a fully visible arena that you can examine, mine and use to take action in defense of your data.

We illuminate the dark corners

Imagine that you could search and investigate file activity across every endpoint on your network. You could instantly query your data to find where files are located. In the event of a malicious file finding its way onto your network, within seconds you could know where that file had landed and who was impacted by it—regardless of where the file resided on that machine. Suddenly the ransomware files that hide silently in users’ Recycle Bins and Downloads directories are visible. The least managed–but most exposed–entry points for malware and ransomware are suddenly visible to you.

We change the temporal dimension

Being able to see into the dark corners of the “battlefield” is only the first step. Imagine being able to take immediate action against those endpoints regardless of whether they are on your network, or even powered off in someone’s home. This is the power of Code42 Forensic File Search. We’re constantly logging changes happening on your endpoints and sending them to our cloud where you can interactively query them to find files regardless of the state of the endpoint. Our optics give you the enhanced vision to illuminate file activity on your endpoints, in near real-time, without waiting for users to connect or manually going out and searching the endpoints that were unavailable to you.

Our element of surprise

For years, as security experts we’ve been forced to fight a blind battle—one where the night sky is devoid of stars; one where our enemies could exploit any weakness in our data visibility. Tomorrow’s data security battle is defined by night vision, enabling you to know where your data lives and moves across all endpoints – at a moment’s notice. It’s defined by the ability to get real-time results from dynamic queries. These new capabilities enable the level of digital trust that you need to drive your organization’s digital transformation journey.

Code42 “night vision” is just one of the transformative changes we’re bringing to the battlefield for data visibility and security. What’s next? Well, those in attendance at our Evolution18 customer conference have seen a few glimpses today. We’ll share more here soon.