Gene Kim on DevOps, Part 3: DevSecOps and Why It’s More Important Than Ever (Video)

We at Code42 were fortunate to have our good friend Gene Kim, author of The Phoenix Project and the leading expert on DevOps, stop by our office for a conversation about DevOps and its implications for security. One of the best parts of the visit for me was talking with Gene about our DevSecOps experiences here at Code42 and how we have brought security into the DevOps model.

Here at Code42, we are on a mission to secure our customers’ ideas. That’s why our DevOps journey included bringing security into the DevOps model. I’m proud to say that we’ve been profoundly successful bringing those security risk controls into our process and making it part of our engineering process.

Security is often viewed—especially by engineering— as the department of “No.” Yet, in the DevOps model, you’re trying to embody self-service and autonomy, which can be difficult to square with accountability.

As our DevSecOps model has come together, our security team has been taking the time to establish the expectations for the engineering side of the house, and we’ve been able to implement those controls. One of the most gratifying outcomes for me is, instead of an after-the-fact security scan, we’re now proactively dealing with security as we design and build our software.

Now, engineering has the freedom to do what they need to do, because they’re able to talk more openly and collegially with the security team. A lot of the answers that were “No” before, when explained in the right context, become “Yes,” because the security team can enable the engineers to move forward.

During our interview, Gene echoed the advantages of bringing security to the DevOps table. “It’s been really gratifying to see organizations … call it not DevOps but DevSecOps,” said Gene. “Truly integrating all the information security objectives into everyone’s daily work.”

Hear what else Gene had to say about DevOps and its implications for security.

If you haven’t already, be sure to check out the previous two installments in our three-part blog and video series with Gene where he talks about what it takes to become a DevOps organization and the role of culture.

Gene Kim on DevOps, Part 1: How Do You Become a DevOps Organization?

Gene Kim on DevOps, Part 2: The Cultural Impact of becoming a DevOps Org

Gene Kim on DevOps, Part 2: The Cultural Impact of becoming a DevOps Org (Video)

Gene Kim, author of The Phoenix Project and one of the most vocal thought leaders for DevOps, spent a day at Code42 headquarters in Minneapolis. During his visit, Gene talked about the optimal cultural conditions that must be in place for companies that embark on a DevOps journey and the advantages of bringing security to the table. This is the second installment in our three-part blog and video series, capturing our conversations with Gene.

As we’ve embarked on our own DevOps journey at Code42, we’ve experienced firsthand that the transformation must be embraced from a cultural perspective in order to make it happen. The core principals of DevOps require systematic thinking, coming together, gaining feedback and then at the same time, constant experimentation. For DevOps to work, it’s critical to have cultural norms that allow people to provide honest feedback without repercussions.

DevOps is not just for the engineering team. There’s something in DevOps that affects everybody from the systems architects to the operations teams to the very way in which QA is administered. In fact, the focus right now on privacy and security make the cultural perspective of DevOps more important than ever because it brings the security and engineering teams together in a very real way. That’s one of the things we at Code42 really appreciate about DevOps: that the cultural norms start to propagate around the organization, so you find groups collaborating across the company.

During my conversation with Gene, he reinforced the importance of team work. He said “Without a doubt, there has to be a sense of collegiality between information security and the engineering teams — that we are fellow team members working toward a common objective.  It’s so counter-intuitive how much more effective this is than the traditional high-ceremony and adversarial nature between infosec and everyone else!”

Listen to part two of my interview with Gene to hear what else he had to say about cultural norms, the absence of fear and empowering security.

“ Without a doubt, there has to be a sense of collegiality between information security and the engineering teams — that we are fellow team members working toward a common objective. ”

Check out the first part of our blog and video series with Gene’s for insights on how to become a DevOps org and watch for part three — why DevSecOps is more important than ever — coming soon.





Gene Kim on DevOps, Part 1: How Do You Become a DevOps Organization? (Video)

Gene Kim, author of The Phoenix Project, stopped by our offices. Gene, who is regarded in the industry as one of —if not the — most vocal enthusiasts of DevOps, is a friend of Code42 and a personal mentor of mine. I was thrilled to sit down and interview him. As a result of our visit, we created a three-part blog and video series, where we explore his views on DevOps — particularly security’s growing role. Our first installment opens with his thoughts on what goes into becoming a DevOps company.

The books Gene has written and his perspective on DevOps have changed the way we at Code42 think about our process. After going through our own DevOps journey, we’ve been optimizing our teams to improve our speed of delivery, ensuring we get our customers the features they need faster.

We are not the only ones to find ourselves on this transformational path. Many of our customers are on DevOps journeys of their own — or thinking about starting one — so we wanted to share our experiences and Gene’s best practices on becoming a DevOps organization.

When I was talking to Gene, I asked him about what it means to be a DevOps company, particularly in this day and age when security is such a top concern for businesses and consumers. We hope this video will help companies understand some of the implications and real advantages of adopting a DevOps model.

“ One of the biggest surprises coming off The Phoenix Project is just to see how much DevOps can dramatically improve the lives of not only developers, but also QA, operations and security. ”

During our conversation, Gene said, One of the biggest surprises coming off The Phoenix Project is just to see how much DevOps can dramatically improve the lives of not only developers, but also QA, operations and security.”

Be sure to check out the next two installments in our three-part blog and video series with Gene, where he talks about the role of culture in becoming a DevOps org and why DevOpsSec is more important than ever.

Managing User Authentication in the Cloud

How do you manage user identities and permissions in your organization?

If you’re like 95 percent of enterprise companies, you’re using Microsoft’s Active Directory Domain Services, otherwise known as Active Directory or simply AD. This is the system that allows your employees to use the same username and password to access any domain-bound internal system, and allows your administrators to manage user identities, rights and permissions at scale. Since its introduction in the late ‘90s, AD has become the most robust, dominant and ubiquitous directory service utility in the technology world.

Before the advent of the cloud, AD was all most companies needed for identity management and authentication. AD managed the services, tools and data stores employees needed on-premises. To access these services with their AD credentials, employees needed direct local network access via an on-site device or a virtual private network.

Today, cloud-based Software as a Service (SaaS) solutions are replacing on-premises solutions of all kinds, including tools for collaboration and data sharing, office productivity, creative production work and data security.

As companies transition their data security to the cloud, identity management and authentication architectures have to transition, too. It can be difficult to keep track of where their AD data lives as it moves between clouds, data centers and endpoints. It can be hard to answer “who, what, when, where and how” data moved, so determining “why” can feel next to impossible.

As a long-time data security solutions provider, we’ve worked with hundreds of organizations as they make this journey. From those experiences, we’ve developed a set of recommendations to help you navigate this change to identity management and authentication systems while maintaining your data security and minimizing user hassle.

“ We’ve developed a set of recommendations to help you navigate this change to identity management and authentication systems while maintaining your data security and minimizing user hassle. ”

Identity management in the cloud

There are many benefits to using cloud-based SaaS services, including reduced costs for platform management and increased scalability. Of course, there are also challenges. One of the biggest problems to solve is integrating an existing on-premises AD identity management structure with these external tools. How can you leverage that existing structure so that users can access new SaaS tools with the same login credentials they’re accustomed to?

Single Sign-On

For security reasons, exposing your local AD server to the internet is not recommended. You could set up a lightweight AD server in a network DMZ that syncs with the internal AD domain controller and thus provides authentication for external requests. However, many cloud-based SaaS services don’t support querying AD, so this method could limit the services you can integrate into such a setup.

Enter single sign-on (SSO). Essentially, SSO is an authentication system that allows users to access multiple unrelated systems after just one login, because that initial login gives them an authentication token that’s trusted by those systems. For example, your company may use separate SaaS solutions in the cloud for human resources, training, CRM and project management. SSO allows users to log in to each of these systems through one central portal, because they all trust the SSO identity provider.

SSO solutions are widespread and compatible with the vast majority of cloud-based SaaS technologies because of the near-universal adoption of the Security Assertion Markup Language (SAML). SaaS technologies that use SAML 2.0 can seamlessly integrate with most SSO providers, as the majority “speak the language” of SAML 2.0.

SSO and AD: a bridge to cloud authentication

All of the major SSO identity platforms, such as Okta Identity Cloud, Google Identity Platform, Azure Active Directory and Ping Identity, have a variation on the concept of the “AD Connector” — a tool that synchronizes your AD user data with the SSO Identity provider. With such a tool, your employees use their AD username and password to log into a cloud-based SaaS tool via your SSO provider. AD makes a secure connection to your SSO identity provider but is otherwise safely walled off from the outside world. All your SaaS applications are able to leverage authentication via SSO because of the ubiquity of the SAML 2.0 standard.

Provisioning users

By utilizing a SAML 2.0-compliant SSO identity provider, you can easily solve the “login question.” The next step is to address provisioning. How do you make SaaS tools aware of those users in the first place? How can you organize the users so the permissions and organizational structure you’ve carefully set up in AD is mirrored in your SaaS tools? Finally, how can you automatically deactivate users in a SaaS tool when you deactivate them in AD?

This is where the System for Cross-domain Identity Management (SCIM) comes in. SCIM is an open standard for communicating user attributes, such as group membership, org membership and permissions, between distinct services. For example, SCIM shares user attributes between AD and an SSO identity provider, or between an SSO provider and a SaaS tool.

SCIM 2.0 is a much newer standard than SAML 2.0 and isn’t quite as ubiquitous. Some SSO providers, such as Okta and Google, use SCIM integrations to make provisioning users a snap. However, Google does not have an interface for setting up provisioning rules in a custom app (for example, a SAML 2.0 SaaS tool that you configured yourself without an official Google app). Some SAML 2.0 identity providers, such as Microsoft’s Active Directory Federation Services, do not support SCIM 2.0 at all.

To solve the “SCIM 2.0 isn’t always available” problem, some cloud-based SaaS applications have developed synchronization tools. For example, Code42’s User Directory Sync synchronizes AD user information via direct one-way communication from the customer’s AD server to the SaaS provider. In this example, Code42 still leverages SSO for user authentication, but user provisioning is made possible via a secure one-way sync.

Embrace the cloud era

The SSO market is fairly crowded, with behemoths like Microsoft and Google going head to head with startups like Okta that focus exclusively on SSO. The fact that these services all speak the same language and endeavor to solve the same problem — leveraging your existing identity management system for cloud authentication — means that tackling this problem has never been easier. The plethora of secure, robust SSO providers makes it easy to transition from your on-prem past to a future in the cloud. With this problem solved, you’ll have time to focus on the other complexities of digital transformation to the cloud, like gaining visibility into where your all of your data is created, stored and shared.

Better EDR and Threat Intel with Code42

The bright lights of Las Vegas are still flashing in my eyes after Black Hat 2018, and I observed a distinct trend: Data security technology vendors increasingly align themselves in one of two categories: threat intelligence or endpoint detection and response (EDR). The most common question I got at Black Hat 2018 was, “How does Code42 fit?” My answer is, quite simply, “Extremely well.”

Threat intelligence and EDR — where Code42 fits

It was easy to tell if you were at a threat intel or EDR vendor booth at Black Hat 2018:

  • The threat intelligence vendors wanted to talk to you about their orchestration framework, how many data feeds they pull in and their glitzy dashboards.
  • The EDR vendors showed you how easy it is to install their endpoint agent — and told you how they’ll alert your security team every time a hoodie-clad hacker in a basement runs exploits on your endpoints.

Code42 provides separate, complementary value to both threat intelligence and EDR solutions by applying a unique, historical file content and context perspective — as opposed to an action- or event-oriented perspective. Here’s why the combination of Code42 and threat intelligence and/or EDR is so powerful:

“ Code42 provides separate, complementary value to both threat intelligence and EDR solutions by applying a unique, historical file content and context perspective. ”

Code42 + threat intelligence

Let’s say your journey starts with a threat intelligence solution. You get an alert that a DNS request was initiated from a transient address in your Wi-Fi network to a newly registered domain or domain associated with known malware. How can you act on this alert?

Well, the threat intel report describes the domain in question as associated with a fake ad-blocker Chrome extension. That report also gives you the file name of the Chrome extension. You can then leverage Code42 Forensic File Search to search for that filename. In less than a second, you can build a unique list of all endpoints in your environment that have this undesirable Chrome extension. You can even sort these results and quickly find the first users to “fall” for the malware trick and give them additional training to help avoid this type of fire drill in the future.

Code42 + EDR

Imagine that an EDR solution sends an alert triggered by a maliciously crafted PDF document found on an endpoint. This suspicious file ran some arbitrary and potentially unknown code at an elevated privilege level. How would your organization react?

First, you may want to see who else has this same document. Using Code42 Forensic File Search, you could look for the checksum or filename of that questionable PDF. In less than a second, you have a complete list of your affected devices and users — whether they are online or not and without impact to the user’s machine or the network.

Now let’s say you want to examine the suspicious file — but the malicious payload deleted the PDF after execution. With Code42’s Backup + Restore  product, you could pull an archived copy and hand it to forensic investigators.

Providing deeper visibility and context

Threat intel and EDR solutions focus on identifying malicious activity or abnormal application behaviors on an endpoint. They’re really good at detecting things like a process attempting a privilege escalation or scanning memory to pilfer credentials. Alerts to these activities are valuable, but they give only one dimension of insight into a complex problem. Code42 is focused on a much bigger picture — providing comprehensive visibility into every action, movement and revision of every file — while simultaneously securing and preserving valuable digital assets. And our powerful search capability cuts through the noise to give you exactly the information you need without overwhelming you with data.

Our unique approach to providing visibility and ensuring availability means Code42 doesn’t fit neatly into a category created by industry analysts. But that doesn’t diminish its value. Rather, it affirms that the value of Code42 cuts across the entire data security stack, regardless of what you do, or what tools or vendors you may already be working with. In fact, Code42 Forensic File Search, coupled with Code42 Backup + Restore, provide a comprehensive, contextually rich and easily searchable service. Combined, they complement not only threat intel and EDR, but almost any other data security solution, providing clear, direct and authoritative results.

Code42 Restores Files, Moods and Attitudes

Here’s a story you’ll probably recognize: Because there’s no sense reinventing the wheel, you use an existing file—for instance, an Excel file or PowerPoint presentation—as the starting point for a new project. As you transform that old file into something brilliant and new, you instinctively hit CTRL+S (because you don’t want to lose that work!)—and unintentionally overwrite the original file, destroying your previous (yet still valuable) work.

You may have also lived this story: You’re working diligently when an email or a webpage opens a pop-up. Thanks to clever trickery, the “OK” and “Cancel” buttons are renamed or the question is misleading, and you’re duped into the wrong click. Suddenly, you feel the heat from your computer as ransomware begins encrypting all your files.

Another painfully familiar tale: Your computer dies or is lost. A day later, your trusty IT team hands you a beautiful new one. This new computer is clean, pristine, fast and slick—but has none of your information on it.

The stages of data loss grief

I’ll bet everyone has experienced at least one of these disasters, so you also know the feelings of disbelief, rage, guilt and sadness that go with them. It’s a big deal! Your ideas are lost. Your data is gone. Your future productivity is marginalized as you scrounge around to find bits and pieces of your files and work.

“ We understand the value of your data; we understand the risk it constantly faces; and we understand the raw emotion of losing (and recovering) that value. ”

I know these feelings all too well. In fact, just last month, I ended up wiping out a presentation two days before I was due to take the stage as a keynote speaker. But it took me less than a minute to recover the file, because, not surprisingly, we here at Code42 have our agent deployed on every endpoint. This was just the latest, deeply personal reminder of why we do the work we do at Code42—why we work so tirelessly to protect your (and my) data. We understand the value of your data; we understand the risk it constantly faces; and we understand the raw emotion of losing (and recovering) that value.

Four big improvements make Code42 restores better than ever

In the last year, we’ve been focusing on updating our technologies to make your restore process even better. Here are four ways we’re taking data restores to a whole new level:

  • Speed: We know that the speed of a restore is at the heart of our solution. When you lose a file, every minute counts. In the last year, we’ve invested time in optimizing our technologies for the new file sizes we expect in 2018. For some of our customers, this has resulted in a 10x improvement in performance.
  • Push Restores: We’ve made a lot of changes to our technology and message queueing to make the push restores work much better. Ironically, modern computing sometimes works against us; computers have gotten so good at understanding their workload that they optimize for the operations they perform the most frequently. Statistically, the Code42 infrastructure does a lot more backups than restores—but those restores (your restores) need to be as fast as possible. We’ve re-trained our servers and message queuing to make sure that your restores are always our top priority.
  • Security: When you store as much data as we do at Code42, making sure it’s safe is absolutely critical. I was thinking about this recently during an internal security exercise. All customer data protected with Code42 is protected with the strongest possible data encryption both in transit and at rest. We continue to find ways to make your precious files even more secure.
  • Bulk Restores: Finally, we’ve done a lot to make sure that even if you are doing massive restores, they are still fast and easy. Whether it’s users recovering an entire machine in minutes, or organizations doing widespread device-to-device migrations (in case of an OS Migration or hardware refresh), we’ve minimized the time and the pain.

No matter how you use Code42, we take pride in taking those “much ado” moments and turning them into “nothing.” We love hearing that “Oh my gosh, thank you so much,” that comes from customers when they recover all of their lost files, and we’re proud to provide the technology that lets you do this for your users.

At Code42, we restore files, moods and attitudes.

Code42 Forensic File Search: Bringing “Night Vision” to Data Visibility

Code42 Forensic File Search: Bringing “Night Vision” to Data Visibility

The other day, while watching a show about modern warfare on The History Channel, I was struck by how technical advancements in modern warfare mirror the innovative leaps we have made in the battle of cybersecurity. In particular, the invention of night-vision goggles brought continuous visibility to the battlefield, changing warfare in two key ways:

  • It illuminated the dark corners: suddenly silent still actors would be seen as if they were fully illuminated; and
  • It enhanced the temporal dimension: what was traditionally a daytime activity became an around-the-clock battle.

Today, with the announcement of Code42 Forensic File Search, we’re happy to say that Code42 brings night vision to data security. We are enabling a new dimension of visibility—illuminating dark corners and creating a fully visible arena that you can examine, mine and use to take action in defense of your data.

We illuminate the dark corners

Imagine that you could search and investigate file activity across every endpoint on your network. You could instantly query your data to find where files are located. In the event of a malicious file finding its way onto your network, within seconds you could know where that file had landed and who was impacted by it—regardless of where the file resided on that machine. Suddenly the ransomware files that hide silently in users’ Recycle Bins and Downloads directories are visible. The least managed–but most exposed–entry points for malware and ransomware are suddenly visible to you.

We change the temporal dimension

Being able to see into the dark corners of the “battlefield” is only the first step. Imagine being able to take immediate action against those endpoints regardless of whether they are on your network, or even powered off in someone’s home. This is the power of Code42 Forensic File Search. We’re constantly logging changes happening on your endpoints and sending them to our cloud where you can interactively query them to find files regardless of the state of the endpoint. Our optics give you the enhanced vision to illuminate file activity on your endpoints, in near real-time, without waiting for users to connect or manually going out and searching the endpoints that were unavailable to you.

Our element of surprise

For years, as security experts we’ve been forced to fight a blind battle—one where the night sky is devoid of stars; one where our enemies could exploit any weakness in our data visibility. Tomorrow’s data security battle is defined by night vision, enabling you to know where your data lives and moves across all endpoints – at a moment’s notice. It’s defined by the ability to get real-time results from dynamic queries. These new capabilities enable the level of digital trust that you need to drive your organization’s digital transformation journey.

Code42 “night vision” is just one of the transformative changes we’re bringing to the battlefield for data visibility and security. What’s next? Well, those in attendance at our Evolution18 customer conference have seen a few glimpses today. We’ll share more here soon.

Protect your business from ransomware

Protect Your Business from Ransomware with Code42

Code42’s endpoint data security solution provides your business with a variety of benefits, including increased productivity, risk mitigation, streamlined user workflows, and more–all in a single product that’s been proven to ultimately save you money. With ransomware making huge headlines in 2017, one of the Code42 features that enterprises are most interested in is ransomware recovery.

Since Code42 backs up your data every 15 minutes by default, you can roll back to a point in time and access files you were working on before the ransomware attack–without ever paying the ransom. Ransomware recovery is one of the major ways a true endpoint backup solution beats file sync and share products for data backup. Sync and share products can’t restore to a particular point in time, but they can actually spread ransomware through an organization.

To learn more about how Code42 beats sync and share products for ransomware recovery, watch our latest feature video below.

Driving Innovation for CrashPlan for Small Business

When we announced our exclusive focus on businesses of all sizes, there were (understandably) a lot of questions about what this means for the future of CrashPlan for Small Business. For those of you who aren’t familiar, CrashPlan for Small Business is our unlimited, automated, and secure cloud backup product designed for emerging businesses with less than 200 employees (including freelancers, home-based businesses, and more).

I understand why those questions came up. We routinely see IT consultants advising this segment to use CrashPlan for Home, and businesses opting for it instead of CrashPlan for Small Business. As a whole, CrashPlan for Home has largely been seen as interchangeable for business and personal use. But CrashPlan for Home and CrashPlan for Small Business are two different products. Expectations of businesses and home users continue to diverge. Businesses, small and large, are worried about things like the cost of doing business, privacy of employee data, and management of data for regulatory compliance (for instance, HIPAA data). These features simply aren’t needed by home users. This is where Code42’s ability to focus exclusively on needs of businesses will benefit our CrashPlan for Small Business customers. That’s because these are the types of problems we’ve been working on for our larger business customers, and we’re now able to apply those investments toward CrashPlan for Small Business.

We’ve already made several dedicated investments in CrashPlan for Small Business that will be ready to debut in 2017 and 2018. For example, we are:

  • Exploring the ability to make it possible for customers to purchase Code42 products more easily without necessarily having to go through a month-long trial (which is required today).
  • Working to introduce a new streamlined user experience for the CrashPlan for Small Business client to simplify common tasks like getting files from your backup or replacing an existing device.

These are just a couple of examples of investments that will lead to even greater innovations in the coming months and years. For those of you now using or considering using CrashPlan for Small Business, let me share some details on what enhancements you can expect.

Device migration

The process for updating computers or replacing lost or stolen laptops can be quite a struggle for most of us. You may not be sure that you’ve got all the data. Plus, you might spend several hours getting all your files from your old computer to a new computer. It’s common to spend half a day, or sometimes a whole day, getting to your new computer set up just right will all your files.

Code42 has long offered a device adoption feature in the CrashPlan client to help users with this process. We received a lot of feedback from customers that the device adoption feature is hard to understand and use. So last year, we introduced a refreshed device replacement workflow as part of the CrashPlan client that we delivered to our larger enterprise customers, and made several improvements in that workflow since. Several of our customers like Getty Images, Jones Lang Lasalle, and Schneider Electric use this updated capability.

CrashPlan for Small Business Device Replacement

When we introduce the new user experience in CrashPlan for Small Business in the near future, you will be able to take advantage of this new, simplified device replacement feature as well. You will spend less time figuring out how to get your files from your old computer to your new one, and it will be easier for you to replace your old computer with the new one.

Security & compliance

Health Insurance Portability and Accountability Act (HIPAA)
Many small and emerging businesses have a need to manage their backup data in a HIPAA compliant manner. If you’re in the healthcare services sector or a law firm, then you know what I’m talking about. Such businesses need technology vendors with whom they can have a Business Associate Agreement (BAA).

Today, Code42 offers the ability to execute a BAA only to our larger enterprise customers – CrashPlan for Small Business customers don’t have this option. As a result, many small businesses opt to purchase our product aimed at larger enterprises. This introduces added complexity to their IT operations, and can add to cost of doing business. Over the last couple of years, Code42 has invested more in the compliance and security aspects of our core platform, and in our internal company processes to make it easier for our enterprise customers to manage their data in a HIPAA-compliant manner. In the near future, we’re planning to introduce the ability to sign a HIPPA BAA for CrashPlan for Small Business customers.

Code42 Security Center
A key feature we’ve rolled out in 2017 for Code42 Enterprise is Code42 Security Center. This feature helps companies figure out if a departing employee has taken sensitive company data with him by copying it to a thumb drive or a personal Dropbox or Google Drive folder. We are exploring the potential of making this application available for small businesses.

Increased globalization

Currently, the majority of CrashPlan for Small Business customers reside in the U.S. While we also have a strong and growing base globally, including in the U.K., Australia, New Zealand and more, those customers have to purchase CrashPlan for Small Business in US Dollars. The data Code42 manages for those customers also resides in Code42’s secure U.S. data centers. For our customers in other parts of the world, this can lead to poor experience with restore speeds, and with the purchase process. We have had many requests from our non-U.S. customers and prospects to be able to purchase CrashPlan for Small Business using local currency, and to have the data reside in their regions.

Based on this feedback, we will expanding our CrashPlan for Small Business features to allow transactions in non-U.S. currencies, and to allow data storage in Code42’s secure data centers around the globe. We will start first with Europe and the U.K., and then work to expand to other regions based on customer need and demand.

These are just a few of the exciting new capabilities we’re working on for CrashPlan for Small Businesses. As we work on all these improvements, we’re also very keen to get direct feedback from our CrashPlan for Small Business customers. To help with this, we have formed a new internal CrashPlan for Small Business Customer Council, which is designed to meet with customers, consider their feedback, and adjust our product development roadmap.

Looking ahead

I am truly excited about all the new capabilities we’re developing for our business customers. We’re working hard to deliver high-quality products that will delight you and will continue to “just work” for you! Thank you for taking the time to read this blog post. Thank you also for considering Code42, and CrashPlan for Small Business for your business needs.

Product Spotlight: Code42 6.0 Platform Launch

Turn endpoint data into valuable security insights, lock user access to data that may be compromised, and experience a simpler, faster platform.

We are pleased to announce that Code42’s 6.0 platform is generally available today! This latest version introduces several new features and upgrades, including:

  • Security Center, which provides the ability to create thresholds for user data activity and configure automatic notifications.
  • Access Lock, which enables administrators to prevent unauthorized access to all content on a device.
  • Refreshed administration console design.
  • A simplified process for managing legal holds.
  • New subscription options called product plans enable administrators to customize which features are available in their Code42 environment.

Security Center:

Starting in the 5-series, Code42 began making significant strides towards solving some of today’s most pressing security concerns for our customers. With Security Center, Code42 provides enterprises with proactive alerts to detect and mitigate insider threat incidents. Leveraging Code42’s multiple-purpose single agent, this app tracks user behavioral patterns based on profile settings, letting you track when data movements exceed established thresholds. Specifically, this allows you to focus on data exfiltration to removable media and cloud storage folders.

Access Lock:

A new feature added by popular demand, Access Lock allows customers to place a device-level lock on users that may be compromising data. Access Lock was built as an immediate action step to the alerts that may be triggered by Security Center. Unlike conventional Remote Wipe approaches, the Code42 approach is unique in that we prevent access to all data on the device, not just the data tagged for backup!

Platform:

In addition to the introduction of new features, 6.0 also comes with a number of exciting platform updates to significantly speed up and ease your Code42 experience. These updates span the Code42 dashboard experience, Cold Storage management, license subscription management and Legal Hold enhancements.

Get started today

Take advantage of these and other 6.0 features by upgrading to version 6.0 of the Code42 platform. View the release notes for more details, and upgrade now.

Facebook Twitter Google LinkedIn YouTube