Across another full day of learning, we were excited to see the enthusiasm for the new features and functionalities of Security Center in Version 6.0. Several of our Day Two breakout sessions covered the range of use cases for these powerful new security tools and the ways they empower different stakeholders within the enterprise to mitigate risks and manage recurring data security challenges.
Using Security Center to protect against data loss, leak & theft
With the vectors for data loss increasingly coming from within the enterprise—whether maliciously or otherwise—two Code42 experts walked us through how Version 6.0 can directly help mitigate insider threats. Senior Product Manager Matthias Wollnik and Principal Architect Kyle Hatlestad gave a quick reminder of why traditional, prevention-focused security strategies can’t keep up with modern threats. Not only do antivirus and other preventive security products struggle to keep up with rapidly evolving attacks, but traditional perimeter-based security tools are nearly useless when we’re talking about an internal actor. Moreover, creating too many barriers (such as one-size-fits-all data loss prevention rules) hurts user productivity—and ultimately leads to dangerous workarounds.
Fortunately, Version 6.0 helps you move beyond prevention to predicting risk, detecting threats and responding quickly.
- Silent user monitoring: Security Center allows continuous, silent monitoring of what users are doing with their endpoint data. It doesn’t slow down the endpoint, so it doesn’t slow down your users.
- At-a-glance activity reports: Simple, intuitive graphs tell the story of user data activity, including cloud storage activity, removable media usage, accessing unusual files, uploading files and deleting or restoring files. See the spikes and take action.
- See the full story: Don’t just see that a user downloaded files to an unauthorized USB drive. Rich metadata shows you what files they downloaded, and can identify the specific external drive, down to the serial number.
- Forensic searching: An in-the-works feature, forensic searching will allow you to track a specific file across the entire enterprise. Whether it’s a highly valuable file, a corrupt file, or a file that is in some other way notable or suspicious, you can see who has touched the file—and what they’ve done with it.
- User behavior analytics: Matthias gave an in-depth look at the intelligent machine learning technologies behind the new analytics tools we’re developing to help you better predict risk and detect threats.
- Respond to threats with Access Lock: Whether it’s an automated alert, a suspicious change in user patterns or an acute incident, if a device falls into untrusted hands—onsite, offsite, halfway around the world—Access Lock lets you secure that device until it’s back in trusted hands. It’s a transformative level of proactive incident response—and offers invaluable peace of mind.
M&A, legal hold and other data security challenges
Several sessions at Evolution17 focused on how Code42 has gone beyond data protection and recovery to a broad data security solution that makes lives easier for people across the enterprise. Case in point: Michelle Trombetta, Code42’s resident legal hold expert, joined Matthias Wollnik to “play Sherlock Holmes using Code42 data.” Their live demo of Security Center’s legal hold capabilities generated a lot of interest and some great questions as they showed how Code42 can help an enterprise manage legal hold in the case of an M&A data leak.
- Identifying your suspects: Code42 gives you a comprehensive look at all user file activity, including retroactively, at any given time. This significantly simplifies the investigation process. You can hone your search down to exactly who had access to the leaked data or information in question and who actually possessed the files. Because as you probably know, if you investigate everyone, you’ll get nowhere.
- Keeping an eye on your suspects: With Activity Profiles in Security Center, you can get alerts when your suspects move data in specific ways. You can even track their deleted or renamed files, so they can’t “outsmart” the system. And you can adjust backup frequency for those on your list, so you make sure you’re catching all of their endpoint file activity.
- Securing the evidence: Traditionally, you had to go into an employee’s office and physically take a laptop to secure the endpoint data in question. What if they’re not there, if they’re remote, or if you have dozens or hundreds of devices to collect? With the legal hold functionality in 6.0, it’s easy to collect and preserve all the data in question—instantly, no matter where the endpoint and its owner are located. The new Access Lock feature takes that even further, giving you the ability to lock down the data on a user’s device and protect it from tampering with just a few clicks.
It was clear from the reactions throughout Evolution17 that attendees are excited about how Version 6.0 can simplify their day-to-day lives so they can focus on higher-level priorities. Attendees stayed after the end of sessions—skipping lunch—to pepper Code42 experts with eager questions about the new features. Another group broke into a round of spontaneous applause after learning about 6.0 updates to the admin console. As Matthias put it so well at the end of one of his well-attended sessions, “Code42 is now a central part of your data security toolkit,” leveraging the leading endpoint backup and recovery solution you know so well to “give you a completely different kind of lens into a broad range of security challenges.”