At Nasdaq with Pledge 1%

A few years ago, Code42 President and CEO Joe Payne laid out his vision for how Code42 could leave a greater, deeper mark in our communities. In fact, one of our corporate values is to leave the world a better place.

Part of this commitment included joining Pledge 1%, a non-profit organization that started a global movement to encourage companies to integrate giving back into the core of their business. To help celebrate Pledge 1%’s four-year anniversary, we recently joined them in New York along with other member companies to ring the bell at the Nasdaq. It was quite a thrill to be there among a group of some the world’s most innovative companies and talk about social responsibility and how we can do more to give back.

Pledge 1%’s representative said, “We’re ringing the bell to honor all of our Pledge 1% member companies who have gone public already, as well as our Pledge 1% members who will undoubtedly ring the bell in the future.”

Code42 at Nasdaq with Pledge 1%

More information on Code42’s corporate philanthropy program can be found here.

Code42 Policy-Free DLP- It’s Time to Rethink Data Protection

It’s Time to Rethink DLP

As much as we may not like to talk about it, half of the major threats to the security of our corporate data come from the inside. That doesn’t mean that our employees are all malicious — insider threats can surface in many ways: user errors and accidents, lost or stolen devices, even hardware failures — and the list goes on. In fact, a report by International Data Group (IDC) showed that three of the top five most common high-value information incidents involve insiders.

Given this, it’s no surprise that for years, organizations have been using data loss prevention (DLP) solutions to try to prevent data loss incidents. The problem is that the prevention-first approach of legacy DLP solutions no longer meets the needs of today’s IP-rich, culturally progressive organizations, which thrive on mobility, collaboration and speed. The rigid “trust no one” policies of legacy DLP can block user productivity and are often riddled with exceptions and loopholes. For IT, legacy DLP solutions can be expensive to deploy and manage — and only protect selected subsets of files.

“ The prevention-first approach of legacy DLP solutions no longer meets the needs of today’s IP-rich, culturally progressive organizations, which thrive on mobility, collaboration and speed. ”

A fresh start

The prevention focus of traditional DLP forces a productivity trade-off that isn’t right for all companies — and isn’t successfully stopping data breaches. That’s why it’s time for organizations to rethink the very concept of DLP and shift their focus from prevention to protection. Next-generation data loss protection (next-gen DLP) enables security, IT and legal teams to more quickly and easily protect their organization’s data while fostering and maintaining the open and collaborative culture their employees need to get their work done.

Rather than enforcing strict prevention policies that block the day-to-day work of employees, next-gen DLP clears the way for innovation and collaboration by providing full visibility to where files live and move. This approach allows security and IT teams to monitor, detect and respond to suspicious file activity in near real-time.

Next-gen DLP benefits

This next-gen approach to data protection provides the following benefits:

Works without policies: Unlike legacy DLP solutions, next-gen DLP does not require policies — so there is no complex policy management. Because next-gen DLP automatically collects and stores every version of every file across all endpoints, there is no need to set policies around certain types of data. When data loss incidents strike, affected files are already collected, so security and IT teams can simply investigate, preserve and restore them with ease — whether the incident affected one file, multiple files or multiple devices.

Removes productivity blocks: Next-gen DLP enables employees to work without hindering productivity and collaboration. Workers are not slowed down by “prevention-first” policies that inevitably misdiagnose events and interfere with their ability to access and use data to do their work.

Lives in the cloud: As a cloud-native solution, next-gen DLP solutions are free from expensive and challenging hardware management, as well as the complex and costly modular architectures that are common with legacy DLP.

Deploys in days: Next-gen DLP solutions can be rapidly implemented, since the extensive time and effort required to create and refine legacy DLP policies is not needed. Since it works without policy requirements, next-gen DLP is also much easier to manage once deployed than legacy DLP. This is especially important for smaller organizations that can’t wait months or even years for a solution to be fully implemented.

Provides access to every file: While next-gen DLP doesn’t require blanket policies, security teams can still use it to observe and verify employee data use. For example, next-gen DLP can alert administrators when an unusually large number of files are transferred to removable media or cloud services. If the files have left the organization, next-gen DLP can see exactly what was taken and restore those files for rapid investigation and response.

By focusing on all files in an organization, next-gen DLP offers many additional benefits:

  • Visibility into file activity across endpoints and cloud services to speed security investigations. This differs from legacy DLP, which only provides a view of defined subset of data.
  • Fast retrieval of file contents and historical file versions to perform detailed analysis or recovery from data incidents. Legacy DLP solutions don’t collect the contents of files and thus can’t make them available for analysis or recovery.
  • Long-term file retention to help satisfy legal and compliance requirements as well as provide a complete data history for as long a time period as an organization requires. Again, legacy solutions don’t retain file contents and so aren’t able to provide this history.

A new paradigm for DLP

Next-gen DLP is a huge departure from legacy DLP solutions, but it’s a logical and necessary evolution of the category given the changing needs and work preferences of today’s IP-rich and culturally progressive organizations — small, mid-size and large.

Armed with a more discerning tool, organizations no longer have to lock down or block data access with restrictive policies. With full visibility into where every file lives and moves, security teams can collect, monitor, investigate, preserve and recover valuable company data in the event of a data loss incident.

Companies today are looking for better ways to protect their high-value data — while freeing knowledge workers to create the ideas that drive the business. By choosing to implement next-gen DLP, organizations will be able to keep their vital data protected without hindering productivity and innovation.

Code42 Tips From the Trenches- Threat-Hunting Weapons

Tips From the Trenches: Threat-Hunting Weapons

When it comes to cybersecurity, too many enterprises remain on a reactive footing. This ends up being a drag on their efforts because, rather than getting ahead of the threats that target their systems, they spend too much of their time reacting to security alerts and incidents within their environments.

While being able to react to attacks quickly is important for any security team, it’s also important to get out in front of potential risks to identify threats lurking within your systems before they become active.

In this post, we’ll explain how threat hunting within one’s environment can help to break that reactive cycle and improve the effectiveness of any security program.

“ You don’t need a large security organization or any special security tools to start to proactively threat hunt; any security team can start threat hunting, and often using the tools they already have. ”

Threat hunting defined

Before going forward, let’s first take a step back and define what we mean by threat hunting. Essentially, threat hunting is the proactive search for evidence of undetected malicious activity or compromise. These threats can include anything from remote-access tools beaconing to an attacker’s command and control server to malicious actions of an employee or other trusted insider.

Threat hunting is essential for effective security for many reasons. First, defensive security technologies such as intrusion detection/prevention systems and anti-malware software will never successfully identify and block all malware or attacks. Some things are just going to get through. Second, by finding malware and threats that made it past your defenses, you’ll be able to more effectively secure your systems and make your environment much harder for attackers to exploit. Finally, getting adept at finding threats in your environment will improve your organization’s overall ability to respond to threats and, as a result, over time dramatically improve your security posture.

Your arsenal

Because threat hunting entails looking for things that have yet to trigger alerts — if they ever would trigger alerts, to begin with — it is important to look deeper for evidence of compromise. Fortunately, you don’t need a large security organization or any special security tools to start to proactively threat hunt; any security team can start threat hunting, and often using the tools they already have.

For instance, many of the data sources used in threat hunting will be found in firewall, proxy and endpoint logs. While these sources of data probably aren’t alerting on anything malicious, they still hold a considerable amount of security data that can point to potential indicators that an environment has been breached under their radar.

Other readily available tools are helpful for threat analysis, such as Bro (https://www.bro.org/), RITA (https://github.com/activecm/rita), or OSQuery (https://osquery.io/). These tools will help provide additional visibility into network and endpoint data that could provide insights into potential compromise. With these tools, teams can monitor internal network activity, such as virus outbreaks and lateral movements of data. Monitoring East-West network traffic in addition to what is moving through the firewall provides critical insights to the overall health of your network.

The investigation capabilities of Code42 Next-Gen Data Loss Protection (DLP) can be extremely helpful for threat hunting, for determining how widespread a file is distributed in the environment, and to give information about file lifecycle, all of which provide context around whether a file is business-related or suspicious. For example, with Code42 Next-Gen DLP, you can search by MD5 hash or SHA-256 to find all instances of a sensitive file in your organization, or determine if known malware has been detected in your organization.

New tools and new ways of thinking may seem overwhelming at first. However, threat hunting doesn’t have to be all-consuming. You can start with committing a modest amount of time to the hunt, and incrementally build your threat hunting capability over weeks and months to find malicious files and unusual activity. Also, as a direct benefit to your security program you will be able to eliminate noise in your environment, better tune your security tools, find areas of vulnerability and harden those areas, and enhance your security posture at your own pace.

Now, get hunting.

Best of the Code42 Blog November 2018

The Best of the Blog: November 2018

Catch up on the best stories from the Code42 blog that you might have missed in November. Here’s a roundup of highlights:

How Next-Gen DLP is Helping Code42 Customers Today: Learn how IP-driven, employee-focused companies are using the capabilities of Code42 Next-Gen DLP to protect their organizations from data loss, leak, misuse and theft.

Tips From the Trenches: Enhancing Phishing Response Investigations: The only thing better than having the best security tools is when they work together. Learn how combining Code42’s investigation features with a SOAR tool leads to streamlined phishing response investigations.

Security Must Enable People, Not Restrain Them: Instead of deploying processes that are overly restrictive for end users, learn how security teams can become enabling forces in their organizations — while still protecting critical data.

Gene Kim on DevOps, Part 3: DevSecOps and Why it’s More Important Than Ever (Video): DevOps has been a revolution in software development, and Gene Kim has been one of its most influential backers. In the third part of our video series, hear Gene Kim discuss what the development model means for security. Miss the first two videos? Catch them at the end of this post.

Code42 Extra Life

Code42 Raises Over $13,000 for Children’s Miracle Network

This month, gamers of all kinds at Code42 participated in Extra Life, an annual charitable event during which participants pledge to take part in marathon gaming sessions, stream their efforts online, and solicit donations from friends and family. Most Extra Life teams play for 24 hours straight, but our team went above and beyond — this year we extended our Extra Life marathon to 42 consecutive hours to pay homage to our company name. It was a tough two days, but definitely worth it, as the money raised is for a good cause. “Staying up all night gaming with coworkers who are united by a great cause to help a local hospital make sick kids’ lives a bit better — now that’s a great combination,” said player Brian Sweet.

“ The excitement and enthusiasm that goes into participating in Extra Life is magical. I look forward to it all year long. I hope we can continue to raise the bar each year and make that impact bigger! ”

As of this writing, Team Code42 has raised $13,290 for Gillette Children’s Specialty Healthcare and other Children’s Miracle Network (CMN) hospitals — an increase of more than 30 percent over last year’s event. All donations from Extra Life go directly to the CMN hospitals, including our local CMN location, Gillette Children’s Specialty Healthcare. As a Minneapolis-based company, we are particularly excited to help a Twin Cities-based hospital, as giving back to our community is an important part of our company culture.

“Children’s Miracle Network hospitals do amazing work and save lives every day,” said participant Joseph Bozarth. “It means a lot to help them help even more children. It was also a great opportunity to get to know a lot of my coworkers better as we gamed together for a good cause.”

Taking advantage of our Volunteer Time Off program, which grants every Code42 employee two days per year to use for volunteer opportunities, our team of around 50 players spread out across several gaming waves to keep the experience fresh and exciting for the entire 42-hour event. A small crew of primarily Xbox One players kicked off the event on Thursday afternoon, another wave started Thursday evening and a third wave joined in Friday morning to take the team through to Saturday. Throughout the entire event, a separate group provided color commentary (and comedy) for the stream. If you were watching, you might have seen a frenzied match of Rocket League with two burly men in the corner talking about their beard grooming tips. 

Several games were streamed over the course of the event, including For Honor, Rocket League, Call of Duty: Black Ops 4, Dungeons & Dragons and many more. A few special events during the marathon grabbed company-wide attention, such as when members of the Code42 executive team competed against each other in Mario Kart (Senior Vice President of Research, Development and Operations Rob Juncker was the undisputed winner). Another highlight of the event was Rock Band 4, which was set up in the lunchroom for anyone in the company to play. You could hear the sounds of people singing Journey songs throughout the office.

“The excitement and enthusiasm that goes into participating in Extra Life is magical,” said Team Code42 member Tim Putnam. “I look forward to it all year long. I hope we can continue to raise the bar each year and make that impact bigger!”

We want to sincerely thank everyone who donated to our Extra Life event. If you meant to donate but didn’t get to it, there’s still time. To make a safe and easy online donation to a member of our team, click on the “Roster” tab and then on a participant’s name. Your donation is tax-deductible and will make miracles happen for families who desperately need them.

Thank you so much for supporting our team’s efforts!

How-Next-Gen-DLP-is-helping-Code42-customers-today

How Next-Gen DLP Is Helping Code42 Customers Today

Since we announced the Code42 Next-Gen Data Loss Protection (Next-Gen DLP) product last month, it has struck a chord with the prospects and industry analysts we’ve spoken to. It’s exciting to see, because we believe this is an important step beyond conventional data loss prevention technology.

With the introduction of our new product, Code42 is rewriting the paradigm for legacy data loss prevention — shifting the focus from prevention to protection. The Code42 Next-Gen DLP solution offers a simpler, quicker way to secure an organization’s endpoint and cloud data from loss, leak, misuse and theft. Unlike traditional DLP, this cloud-native solution safeguards every version of every file without complex policies and without blocking user productivity or collaboration.

“ Code42 is rewriting the paradigm for legacy data loss prevention — shifting the focus from prevention to protection. ”

The positive reception is no surprise to us. Code42 customers have been using the capabilities that make up Code42 Next-Gen DLP to secure their businesses from data threats for a long time. Here are some of their stories:

Full control of IP — even when employees leave

One of our customers is a global advertising and communications firm. Like many professional services businesses, they need to ensure that proprietary information stays inside the organization to maintain its competitive position and client trust. Backed by Code42’s solution, their organization has visibility into where files are moving and who has access to what information, protecting the company from stolen data — especially when employees leave the company. “It can be a huge hit to your reputation if you lose data specific to a client or project,” the infrastructure project manager said. “Code42 gives us an unalterable snapshot of every single record — which means we’re always protected.”

GDPR compliance with mobile workers

Marel is another customer that has put Code42 to work inside their organization. They are a food processing machinery company based in Iceland. Like many global companies, Marel must comply with the EU’s new General Data Protection Regulation (GDPR), which strengthens personal data protection for business customers.

With Europe as one of its top markets, Marel needed a way to proactively protect and secure data stored on employee devices. “Our sales and service force use laptops heavily so they can work more efficiently while they’re traveling,” said Rob Janssen, manager of global infrastructure and QRC at Marel. “Likewise, managers also work from different locations. In the past their documents, which may contain sensitive data, were not always immediately synced back to the central storage solutions.”

Code42 continuously backs up every version of every file in real time, enabling Marel to comply with key GDPR data protection, recovery and notification requirements. Marel can easily meet GDPR rules requiring companies to report the extent of any personal data breach within 72 hours. The company can recover all files, including data that’s been deleted or maliciously encrypted. The ability to search through archives allows Janssen to determine what files were on a device at a given date and time, what users had access to those files, and what content, including personal information, was housed within those files.

“In the event of a data breach, Code42 helps us assess our exposure by giving us full visibility into every file on every laptop,” Janssen said. “We believe this is critical to complying with the GDPR. Of course, there is a strict process to be followed in these cases.”

A legal hold process with teeth

Another company we count as our customer is MacDonald-Miller. Located in the Pacific Northwest, they are a full-service, design-build mechanical contractor. MacDonald-Miller’s unique value proposition includes designing and blueprinting buildings, and then sending in a full team of plumbers, electricians and sheet metal workers to work on the build. With all that valuable design IP to protect, having an effective legal hold process is critical.

“Prior to Code42, our legal hold process was very vague,” said MacDonald-Miller Network Administrator Chad Tracy. “HR or IT had to find the user’s computer and manually try to search through documents, pictures and Excel files to see what may or may not have been on the user’s computer at the time of termination.”

Now, with Code42, MacDonald-Miller can use a portal to set up a legal hold for users and then monitor whether they’re copying documents on their personal drives.

“We had a pretty high-profile gentleman leaving the company,” said Eddie Anderson, a help desk support agent at MacDonald-Miller. “Through that portal, we were able to monitor his file history and found out 90 gigs of sales opportunities and other critical data had left to the network onto his external drive. Before Code42, there was no way of ever knowing that was happening.”

50,000 customers and counting

Code42 Next-Gen DLP is built from a combination of products that are part of the company’s award-winning data security portfolio, including Code42 Forensic File Search, File Exfiltration Detection, Legal Hold and Backup + Restore. Today, more than 50,000 customers are using capabilities that are part of the Code42 Next-Gen DLP solution.

If you’re a Code42 customer with a tale of success that you’d like to share, let us know. We look forward to including you in a future post!


Tips-From-the-Trenches--Enhancing-Phishing-Response-Investigations

Tips From the Trenches: Enhancing Phishing Response Investigations

In an earlier blog post, I explained how the Code42 security team is using security orchestration, automation and response (SOAR) tools to make our team more efficient. Today, I’d like to dive a little deeper and give you an example of how we’re combining a SOAR tool with the Code42 Forensic File Search API — part of the Code42 Next-Gen Data Loss Protection (DLP) product —  to streamline phishing response investigations.

A typical phishing response playbook — with a boost

Below is a screenshot of a relatively simple phishing response playbook that we created using Phantom (a SOAR tool) and the Code42 Forensic File Search API:

We based this playbook on a phishing template built into the Phantom solution. It includes many of the actions that would normally be applied as a response to a suspicious email — actions that investigate and geolocate IP addresses, and conduct reputation searches for IPs and domains. We added a couple of helper actions (“deproofpoint url” and “domain reputation”) to normalize URLs and assist with case management.

You may have noticed one unusual action. We added “hunt file” via the Code42 Forensic File Search API. If a suspicious email has an attachment, this action will search our entire environment by file hash for other copies of that attachment.

“ Combining the speed of Code42 Next-Gen DLP with the automation of SOAR tools can cut response times significantly. ”

What Code42 Next-Gen DLP can tell us

Applying Code42 Next-Gen DLP to our playbook shortens investigation time. The “hunt file” action allows us to quickly see if there are multiple copies of a malicious file in our environment. If that proves to be true, it is quick evidence that there may be a widespread email campaign against our users. On the other hand, the search may show that the file has a long internal history in file locations and on endpoints. This history would suggest that the file exists as part of normal operating procedure and that we may be dealing with a false alarm. Either way, together the Code42 Next-Gen DLP API and its investigation capability give us additional file context so our security team can make smarter, and more informed and confident decisions about what to do next.

Applying Code42 Next-Gen DLP to other threat investigations

This type of “hunt file” action does not need to be limited to investigating suspected phishing emails. In fact, it could be applied to any security event that involves a file — such as an anti-virus alert, an EDR alert or even IDS/IPS alerts that trigger on file events. Using Code42 Next-Gen DLP, security staff can determine in seconds where else that file exists in the environment and if any further action is necessary.

Combining the speed of Code42 Next-Gen DLP with the automation of SOAR tools can cut response times significantly. That’s something any security team can appreciate.

As always, happy threat hunting!

Baylor University Fast-Tracks Its Windows 10 Migration with Code42

Baylor University Fast-Tracks Its Windows 10 Migration

In order to quickly gain the benefits of Windows 10, Baylor University has been fast-tracking its migration across 8,000 PCs through a strategically scheduled process that effectively handles user settings and profiles. With that many devices on campus needing to be migrated to Windows 10, Baylor University’s IT team knew it had its work cut out for it. Baylor University recently joined Code42 for a webinar detailing their Windows 10 migration journey.

“We realized that there was a need to make the process a little bit smoother, a little bit faster,” said Mike Gonzales, assistant director of system support at Baylor University. “That’s when we started working on getting things scripted to give us the ability to migrate in a faster, more automated, consistent fashion.”

“ The quicker you can get them in and out of the office so they can get back to their day, the easier an experience it is for them. The goal is to leave them in a better position than when they first started. ”

Baylor University’s migration process

One of the first steps in Baylor’s process was to ensure that the IT team could encrypt and back up their devices on pace with the speed of the Windows 10 release cadence.

Once that was established, the team decided to roll out the migration with a testing phase. After they got comfortable with the process, they were then able to migrate larger numbers of devices. They started with the devices that would have the least impact and complexity — in their case desktop computers that didn’t have third-party encrypted software installed.

It was important to keep the migration process moving along because extended support for Windows 7 ends in January 2020. So they strategically scheduled a certain number of migrations per month to meet that deadline.

Creating a consistent, scalable process has been critical for Baylor University. The goal of their process was to ensure that all users had the same positive migration experience and that the IT team could successfully and quickly migrate a large number of devices.

A quick and easy experience for users

By integrating Microsoft’s User State Migration Tool (USMT) with Code42, Baylor’s IT team developed a script that automatically recreated a user’s profile and settings so that after the migration, the device was as familiar to users as it had been previously.

“When end users log in, they see their desktop background of their kids and that’s a really good user experience,” said Brad Hodges, senior analyst programmer at Baylor.

Using cloud-based technology such as InTune or Autopilot in combination with Code42 has helped with consistency and efficiency. The team can set up 32 machines to migrate concurrently in the installation area.

Because it’s moving from Windows 7 to Windows 10, Baylor University is using a wipe-and-reload process so as not to leave behind any legacy and incompatibility issues. The process has been efficient, consistent and reliable.

“It’s a huge change for our people to go from 7 to 10,” said Gonzales. “The quicker you can get them in and out of the office so they can get back to their day, the easier an experience it is for them. The goal is to leave them in a better position than when they first started.”

Up next for Baylor University

Now that they have refined their process and made it scalable, the IT team members have been making plans to extend their migration process to their Mac devices. They are also working on a project to create a self-service model for out-of-the-box devices. Based on the new model, users can unbox their device, log in and simply run a script to configure their new device with the same settings and profiles of their previous computer.

The Best of the Blog: October 2018

Catch up on the best stories from the Code42 blog that you might have missed in October. Here’s a roundup of highlights:

Code42 Next-Gen Data Loss Protection: What DLP Was Meant to Be
Legacy DLP systems often mean heavy policy management, lengthy deployments and blocks to employee productivity. It doesn’t have to be that way. Learn how simple, fast and effective next-gen DLP can be.

Tips From the Trenches: Architecting IAM for AWS with Okta
Amazon Web Services (AWS) can open up a world of opportunity for productivity improvement. Read about how Code42 implemented AWS while meeting stringent security standards.

MacDonald-Miller Boosts Mobile Workforce Productivity with Code42 (Video)
See how MacDonald-Miller saves time and safeguards valuable company IP by developing and implementing a multi-faceted data security strategy.

Tips From the Trenches: Searching Files in the Cloud
File movement investigations require a complete picture of the whole environment. Learn how Code42’s security team locates and monitors files across endpoints and cloud services like Google Drive and Microsoft OneDrive.

Security-must-enable-people-Code42-Blog

Security Must Enable People, Not Restrain Them

Do you ever think about why we secure things? Sure, we secure our software and data so that attackers can’t steal what’s valuable to us — but we also secure our environments so that we have the safety to do what we need to do in our lives without interference. For example, law enforcement tries to keep the streets safe so that civilians are free to travel and conduct their daily business relatively free of worry.

Now consider how everyday police work keeps streets safe. It starts with the assumption that most drivers aren’t criminals. Officers don’t stop and interrogate every pedestrian or driver about why they are out in public. That type of policing — with so much effort spent questioning law-abiding citizens — would not only miss spotting a lot of actual criminal behavior, it would certainly damage the culture of such a society.

There’s a lot we can learn about how to approach data security from that analogy. Much of cybersecurity today focuses on trying to control the end user in the name of protecting the end user. There are painful restrictions placed on how employees can use technology, what files they are able to access and how they can access them. Fundamentally, we’ve built environments that are very restrictive for staff and other users, and sometimes outright stifling to their work and creativity.

This is why we need to think about security in terms of enablement, and not just restraint.

“ Security should be about enabling people to get their work done with a reasonable amount of protection — not forcing them to act in ways preordained by security technologies. ”

Prevention by itself doesn’t work

What does that mean in practicality? Consider legacy data loss prevention (DLP) software as an example. With traditional DLP, organizations are forced to create policies to restrict how their staff and other users can use available technology and how they can share information and collaborate. When users step slightly “out of line,” they are interrogated or blocked. This happens often and is mostly unnecessary.

This prevention bias is, unfortunately, a situation largely created by the nature of traditional DLP products. These tools ship with little more than a scripting language for administrators to craft policies — lots and lots of policies, related to data access and how data is permitted to flow through the environment. And if organizations don’t have a crystal-clear understanding of how everyone in the organization uses applications and data (which they very rarely do), big problems arise. People are prevented from doing what they need to do to succeed at their jobs. Security should be about enabling people to get their work done with a reasonable amount of protection — not forcing them to act in ways preordained by security technologies.

This is especially not acceptable today, with so much data being stored, accessed and shared in cloud environments. Cloud services pose serious challenges for traditional DLP solutions because of their focus on prevention. Since so many legacy DLP products are not cloud native, they lose visibility into what is happening on cloud systems. Too often, the result is that people are blocked from accessing the cloud services they need. Once again, users are treated like potential criminals — and culture and productivity both suffer.

This is also a poor approach to security, in general. As security professionals who have been around a while know, end-user behavior should never be overridden by technology, because users will find ways to work around overbearing policies. It’s just the law of governing dynamics and it will rear its head when the needs of security technologies are placed above the needs of users.

Where’s the value for users?

There is one last area I’d like to go over where traditional DLP falls short when it comes to providing user enablement, and it’s an important one. Traditional DLP doesn’t provide any tangible value back to staff and others when they are working in an environment protected with legacy DLP. All they typically get are warning boxes and delays in getting their work done.

In sum, traditional DLP — and security technology in general — doesn’t just prevent bad things from happening, it also too often prevents users from doing what they need to do. They feel restrained like criminals for simply trying to do their jobs. In actuality, a very small percentage of users will ever turn malicious. So why should we make everyone else feel like they are doing something wrong? We shouldn’t.

Code42 Next-Gen DLP

At Code42 we believe it’s essential to assume the best intentions of staff and other users. That’s why Code42 Next-Gen Data Loss Prevention focuses on identifying malicious activity, rather than assuming malicious intent from everyone. It’s why the product is built cloud-native: organizations aren’t blind when it comes to protecting popular cloud services, and users aren’t blocked from working the way they want to work. It also doesn’t require policies that need to be created and forever managed that pigeonhole users to work certain ways.

Finally, we believe in providing value to the end user. It’s why we provide backup and restore capability in Code42 Next-Gen DLP. This fundamentally gives users the freedom to make mistakes and recover from them, and it gives them the knowledge that that their data is also protected and safe.

Because it doesn’t block or interrogate users every step of the way, we believe Code42 Next-Gen DLP helps users to be more secure and productive, and enhances organization culture. It also provides the security team the opportunity to be an enabler for their end users, not an obstacle.

In this sense, Code42 Next-Gen DLP is a lot like good police work. It gives its users the freedom they need to move about the world without every motion being questioned for potential malicious intent. This is a very powerful shift in the workplace paradigm; users should be empowered to behave and collaborate as they want without fear or worry regarding the security technology in place.