GDPR May Not Apply to You. Follow it Anyway

I recently spoke at a small business event, and I asked for a show of hands for those governed by various common data privacy regulations (PCI, HIPAA, etc.). I saw giant smiles on the faces of those not raising their hands—a sense of relief for having avoided the extra discipline and effort that compliance requires. My advice to that relieved group: pick a data security regulation anyway—any one of them—and follow it.

With the GDPR deadline just days away, a lot of organizations in the U.S. are feeling like those lucky few small business owners, thrilled that they don’t fall under the new GDPR regulations. My advice: follow it anyway. Here’s why:

The U.S. will copy elements of GDPR—sooner than you think

The U.S. tends to follow rather than lead when it comes to data privacy regulations. If history repeats itself, U.S. regulators will follow the tenets of GDPR—and likely enhance it (read: make requirements more specific and stricter) based on how GDPR enforcements shake out in the coming months and years. By starting the process of achieving compliance today—before deadlines rush timelines—U.S. companies can take the time to make smart decisions, build future-proof strategies and spread the costs out over time.

U.S. consumers want GDPR-level privacy

We’re seeing a big change in public awareness of data privacy. Everyday people—not just data security pros and regulators—are tuning into the details of what data companies collect about them, and how that personal data is used. As consumers, we’re becoming aware of all the new and terrifying ways our privacy is up for sale. The headline example of this is the Facebook/Cambridge Analytica case. There’s huge value in showing your customers that you go above and beyond, and GDPR is centered on concepts that customers understand and love: consent and the “right to be forgotten.” Moreover, you definitely don’t want to look like you’re taking the easy way out at the expense of your customers’ privacy.

GDPR is good business practice

In board rooms around the country, CEOs are getting grilled on data privacy and data security. No company wants the same embarrassment, fines and costly brand damage that Facebook is enduring. The basic tenets of GDPR—privacy by design, privacy by default, etc.—aren’t really revolutionary. They’re now just best practice for any digital business.

Proactively adopting the tenets of GDPR forces you to confront the fact that most companies lack the data visibility needed to understand and implement next-generation data privacy. You need to consider every vector in your digital ecosystem: inventory all the endpoints in your environment, not just your networks and servers. And you can't treat all data the same way. You have to be able to recognize your most valuable and sensitive data, and see where it lives and how it moves.

Of course, proactively going above and beyond to secure customer data is a big challenge, to say the least. But, I recently saw something on TV that looked like a much bigger hassle: Testifying in front of Congress. 

Cyber Threat Prevention at the Cost of Data Visibility Falls Short

As an industry, we’ve built some amazing technologies that provide defense in depth across our perimeters, networks and endpoints. We’ve created some pretty amazing tools that are able to analyze, correlate and process massive amounts of data that could indicate malicious activity. But it occurred to me that even with the most robust defenses in the world, our hyper-focus on prevention and threat detection has caused us to lose sight of what it is we are defending. Our data, our intellectual property, is what drives our companies forward and provides valuable products or services to our customers.

Those of us who have been in the security space for any length of time have seen the threat landscape change rapidly. Security practitioners and the vendors that build tools to support them have also evolved dramatically. Security teams are building impressive layered defenses, as evidenced by the dramatic growth in the number of security solution providers. I recently returned from the RSA Conference and, even though I’ve been going for over a decade, I’m still amazed every year by the number of new vendors that continue to pop up. There are now more than 1,600 security companies in the market, according to Zulfikar Ramzan, CTO of RSA Security. Ramzan also stated that one of RSA’s customers is using 84 different security vendors–yes, 84! He went on to say that number really isn’t uncommon.

Don’t focus on threats at the expense of what’s being threatened: your data

All of these solutions do a pretty good job of understanding the particular threats they are focused on. They effectively work to detect, deny or disrupt those threats across your perimeter, inside your network or on your endpoints. But ironically enough, the tools themselves don’t have the needed visibility into what they are protecting.

And what they are protecting is the whole point: it’s the data–your company’s intellectual property, the very ideas that make your company valuable. Deloitte found that 80 percent of a company’s value is in its intellectual assets.

When it comes to protecting your data, knowledge is power

We need to do more than just stop as many threats as we can. We need to understand our data and recognize that it is the lifeblood of our companies. It is critical to know where our data is, who has it, where it is moving to and from and exactly what information is moving. No matter how complex our security posture is (and possibly because of that complexity) threats will always get through. So, we need to include data-level visibility in our security planning and tool portfolio. Data-level visibility gives us proper insight into exactly what is happening with our data, so we can be smarter about protecting it. This visibility will be a powerful complement to the rest of our security toolsets, helping to more easily detect, investigate and rapidly recover from malicious incidents.

Knowledge is power. Knowing exactly where the most important information lives and moves is a critical step in fully protecting the most valuable assets we have: our ideas.

Lesson From the Road: The Security and IT Partnership

The last two weeks have been filled with travel for me, and I’ve had many opportunities to talk with security practitioners about the realities they face on a daily basis.

At our Evolution customer conference and the RSA Conference in California, as well as at the CIO Perspectives event in New York City, I heard validation of something I’ve believed for a long time: Security continues to be democratized and is a shared responsibility of everyone. Now more than ever, having security and IT teams work together as partners is essential to ensure security alongside user freedom.

For example, I had the pleasure of being part of a panel discussing security challenges facing CIOs in today’s modern age at the CIO Perspectives event. There, I heard some common themes as I spoke with countless CIOs and CISOs:

  • No one has enough budget to fulfill the needs: We heard how CIOs and CISOs are looking at “two-fer” hires who bring an IT capability along with the ability to solve security controls, essentially functioning as members of both the security and IT teams.
  • No one has enough staff: IT and Security experts are in high demand and the skill gap is challenging. Often, CISOs are turning to IT experts to help implement policy and governance and validate compliance.
  • No one feels safe enough: In today’s world, IT experts know their users are under attack. Security experts know that “soft spots” exist in every organization and abating them presents a challenge.

Security and IT are separate disciplines, and yet CISOs are looking at ways to share resources between the two and, in some cases, find hires that can fulfill the responsibilities of both. Budget pressures aside, there’s perhaps an unconscious reason why technology leaders are exploring the overlap between security and IT: When these two teams work together, both security and IT are improved.

In many cases, security and IT teams don’t see eye-to-eye, which forces conflict over prioritizing investigations versus getting users back up and running when data security incidents strike. When security and IT are separate functions, they typically operate in silos, using different data sets to triage incidents. This results in duplication of work and wasted time validating each other’s findings. And, obviously, both teams are stretched thin and have difficulty accessing each other’s tools and data sets, leading to unneeded delays in investigation, response and recovery.

When using a common set of tools for incident response, critical information is gathered more quickly and accurately. At our Evolution customer conference, we announced new features and products to arm security and IT with the capabilities they need to accelerate incident response:

  • The new Code42 Cloud: fully cloud-native deployment of our capabilities, allowing customers to retain their encryption keys while having zero software on-premises.
  • The new Code42 Forensic File Search product: complete visibility into your data wherever it is in the world, at any time, with real-time results–even when endpoints are offline.

Code42 Forensic File Search is designed to quickly equip security and IT teams to answer the most probing security questions, reducing investigation times for cybersecurity incidents. It is our sincere hope that Code42 Forensic File Search can help move security and IT teams towards the partnership model that’s increasingly essential for today’s enterprise. With security now the responsibility of everyone in an organization, it is more critical than ever that the key players in incident response, security and IT, have the right tools to quickly, reliably and accurately gather information about data security incidents.

Six Months a Guardian

Last week marked my six-month anniversary at Code42, and I couldn’t be prouder of our teams – what we’re focused on doing, our vision for where we’re going and what I know we’re going to do in the future. We are pouring blood, sweat and tears into creating a safer future for our customers’ ideas, a protected world for our users and a world of growth for those bold organizations that embrace innovation, forging a new future in their respective industries.

To our administrators: If you think about the change that we’ve endured in the past five years, it’s shocking. We’ve been asked to embrace mobility, cloud, virtualization, containerization, the serverless world, Infrastructure as a Service, Software as a Service, identity, federated authentication and compliance. It’s seemingly been an endless sea of changes, and the plight we’ve all faced is only compounded by the reality of data darkness we live in. However, Code42 is here to help.

To our users: Our teams here truly believe your ideas are beautiful and important. We wake up daily determined to figure out new ways to protect them. We recognize how every individual contributes to the greater growth of their organization. We’re here to keep your ideas safe, allowing you to contribute at your absolute best.

To the security teams that rely on Code42 to defend your organizations from the endless darkness of the cybersecurity world we live in: Realize that if there was a magic switch on the wall to dispel the data darkness, we’d flip it to let in the light. We know you and your users are under constant assault from individuals who seek to steal, ransom and destroy the ideas that will grow your organization. We’ve made countless changes to increase our defenses of your data and to stay one step ahead of those who seek to destroy or hold captive your value. We’re a partner in this journey.

– Rob

P.S. – Last, but not least, to my fellow guardians: Thank you for an amazing first six months. You have done incredible work and I’m so proud of the work we’re doing to make the world a safer place.

Webinar: How to Accelerate Incident Response

If you had to pick one word to describe the information security landscape today, what would it be? For me it would be “speed.”

Everything is moving faster – the frequency of data breaches, ransomware mutation rates and the GDPR-driven reporting time limit for data incidents. Prevention is largely a race to try to stay one step ahead of the next threat.

But what about recovery? Incident response times are lengthening. The longer detection and remediation take, the higher the cost to the business and the larger the risk of a cyberattack expanding across the organization.

Join us for our on-demand webinar on how to accelerate incident response times. We’ve got some fresh ideas and unconventional solutions that we hope will help you improve your investigation processes and think “out of the box.”

In this webinar, we will discuss how companies can significantly improve their detection and response times by adopting a product like Code42 Forensic File Search.

This informative webinar will specifically cover how to utilize Code42 Forensic File Search to:

  • Quickly enable the multiple steps, teams and processes involved in investigating and responding to cyber threats;
  • Effectively and efficiently recover from data loss incidents, reducing response times from days and weeks to mere seconds; and
  • Continuously and silently report on file events and metadata across all endpoints for near real-time detection of threats – even when the endpoints are offline.

Three Security Industry Award Wins, and Why It Matters

What a month it’s been for Code42!

Last week, we hosted Evolution18, our annual customer conference; we launched Code42 Forensic File Search, an innovative, game-changing product for the information security market; and in the past few days, we were honored with three security industry awards:

Each of these awards is a true honor. Together, they point to the innovation we are driving, and how that’s paying off for our customers. Here are three takeaways.

Innovation drives us

The three awards we won point to our commitment to innovation. It’s a priority for us. We drive innovation to help our customers succeed – safeguarding their ideas wherever they live or move, whether that be on endpoints or in the cloud.

The value of visibility

You can’t protect what you can’t see. Our focus on visibility – helping companies see where their data lives and moves – is striking a chord with our customers and the industry in general.

When our customers win, we do too

While receiving these industry awards is a great honor, what’s even more meaningful for us is being able to recognize our customers. Just last week at Evolution, we honored a select group of customers with our Evolutionaries awards. These annual awards celebrate our customers for their extraordinary innovations in the development, deployment and adoption of applications in data recovery and visibility. We’ll profile these winners in another post; I think you’ll be impressed with what they have accomplished.

There’s an unmistakable link between the amazing results our Evolutionaries are delivering for their organizations, and our selection as winners of these industry awards. By helping them win their data security battles, their businesses win, and we do too.

Every Idea Matters: Secure Them with Code42

At the most basic level, every business sprang from an idea. Every advancement, every cure, every game changer–they all started as a concept in someone’s mind. No matter the industry, ideas are the fuel that helps every one of our customers grow.

Every idea matters. It’s a simple concept, but one that guides us at Code42 as we secure our customers’ data–their ideas–wherever they live or move.

Case in point: This week we announced the Code42 Forensic File Search product, which helps security, IT and compliance teams dramatically reduce the time it takes to investigate, respond to and recover from data security incidents that threaten their valuable IP. Because it collects file metadata and events across all endpoints in an organization and makes them searchable via the cloud, you can cut incident response investigations from weeks and months to mere seconds.

Expanding security capabilities

While this new product is exciting in itself, it also marks an important expansion of our security capabilities for global enterprises. With Code42 Backup + Restore, you have access to complete file contents on any endpoint. Code42’s File Exfiltration Detection gives you visibility into departing employees moving files to external drives or cloud services. Code42 Forensic File Search provides you metadata from file activity. Together, these features offer you the greatest visibility yet into what’s happening to the valuable ideas on your organization’s endpoints.

Later this year, we’ll extend the same visibility to the data that lives on corporate cloud applications, including Microsoft OneDrive, Google Drive, Box and Slack. While the endpoint will continue to be relevant, and a key source of data exfiltration and infiltration, we know that in the next five years that much of the data on endpoints will move to the cloud. We intend to be at the forefront of this transition.

Every feature of the Code42 platform was designed with the same end goal in mind: to protect the valuable ideas fueling our customers’ growth. Our customers are changing the world with their ideas. It’s our job to keep those ideas safe. Because every idea matters.

Code42 Forensic File Search: Bringing “Night Vision” to Data Visibility

The other day, while watching a show about modern warfare on The History Channel, I was struck by how technical advancements in modern warfare mirror the innovative leaps we have made in the battle of cybersecurity. In particular, the invention of night-vision goggles brought continuous visibility to the battlefield, changing warfare in two key ways:

  • It illuminated the dark corners: suddenly silent still actors would be seen as if they were fully illuminated; and
  • It enhanced the temporal dimension: what was traditionally a daytime activity became an around-the-clock battle.

Today, with the announcement of Code42 Forensic File Search, we’re happy to say that Code42 brings night vision to data security. We are enabling a new dimension of visibility—illuminating dark corners and creating a fully visible arena that you can examine, mine and use to take action in defense of your data.

We illuminate the dark corners

Imagine that you could search and investigate file activity across every endpoint on your network. You could instantly query your data to find where files are located. In the event of a malicious file finding its way onto your network, within seconds you could know where that file had landed and who was impacted by it—regardless of where the file resided on that machine. Suddenly the ransomware files that hide silently in users’ Recycle Bins and Downloads directories are visible. The least managed–but most exposed–entry points for malware and ransomware are suddenly visible to you.

We change the temporal dimension

Being able to see into the dark corners of the “battlefield” is only the first step. Imagine being able to take immediate action against those endpoints regardless of whether they are on your network, or even powered off in someone’s home. This is the power of Code42 Forensic File Search. We’re constantly logging changes happening on your endpoints and sending them to our cloud where you can interactively query them to find files regardless of the state of the endpoint. Our optics give you the enhanced vision to illuminate file activity on your endpoints, in near real-time, without waiting for users to connect or manually going out and searching the endpoints that were unavailable to you.
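As an added example (not Code42 code, and not a description of how Forensic File Search itself is built), here is the shape of that idea in Python: agents append file events to a central store, a replay folds them into a current-state index, and queries run against that index rather than against the endpoint, which is why a machine that has since gone offline still answers from its last report. The record layout, the operation vocabulary and the sample events are all assumptions constructed for this example.

```python
"""Added example (not Code42 code): fold endpoint file events into a central,
queryable index and answer "where has this file landed?" without touching
the endpoints again. Record layout and sample events are constructed."""
from dataclasses import dataclass


@dataclass(frozen=True)
class FileEvent:
    ts: int        # agent-reported time, seconds since epoch (assumed field)
    host: str      # endpoint name
    user: str      # logged-in user at the time of the event
    path: str      # absolute path on the endpoint
    sha256: str    # content hash; empty string for delete events
    op: str        # "create" | "modify" | "delete" (assumed vocabulary)


BAD_HASH = "deadbeef" * 8    # stands in for the hash of a known-bad dropper
NEW_HASH = "cafebabe" * 8

# Constructed sample stream, as it would sit in the central store. lt-03
# reported its event and then went offline; it still answers queries below.
SAMPLE_EVENTS = [
    FileEvent(1000, "lt-01", "alice", "C:/Users/alice/Downloads/invoice.exe", BAD_HASH, "create"),
    FileEvent(1010, "lt-02", "bob",   "C:/Users/bob/Downloads/invoice.exe",   BAD_HASH, "create"),
    FileEvent(1020, "lt-03", "carol",
              "C:/$Recycle.Bin/S-1-5-21-1111111111-2222222222-3333333333-1001/invoice.exe",
              BAD_HASH, "create"),
    FileEvent(1030, "lt-02", "bob",   "C:/Users/bob/Downloads/invoice.exe",   "", "delete"),
    FileEvent(1040, "lt-01", "alice", "C:/Users/alice/Downloads/invoice.exe", NEW_HASH, "modify"),
]


def build_index(events):
    """Replay events in time order; the newest event per (host, path) wins.
    Returns (current, last_seen): current maps (host, path) -> FileEvent for
    files that still exist, last_seen maps host -> newest timestamp reported."""
    current, last_seen = {}, {}
    for ev in sorted(events, key=lambda e: e.ts):
        last_seen[ev.host] = max(last_seen.get(ev.host, 0), ev.ts)
        key = (ev.host, ev.path)
        if ev.op == "delete":
            current.pop(key, None)          # file gone: drop it from current state
        elif ev.op in ("create", "modify"):
            current[key] = ev               # overwrite with the newer content hash
        else:
            raise ValueError(f"unknown op {ev.op!r}")
    return current, last_seen


def where_is(current, sha256):
    """Every (host, user, path) where a file with this hash currently resides."""
    return sorted((ev.host, ev.user, ev.path)
                  for ev in current.values() if ev.sha256 == sha256)


def ever_seen(events, sha256):
    """Hosts that ever reported the hash, even if the file was since deleted
    or overwritten: the blast-radius question, not the current-state one."""
    return sorted({ev.host for ev in events if ev.sha256 == sha256})


def stale_hosts(last_seen, now, max_age):
    """Hosts whose newest report is older than max_age seconds. Their answers
    above are a snapshot; flag them so the analyst knows which are offline."""
    return sorted(h for h, ts in last_seen.items() if now - ts > max_age)


def investigate(events, sha256, now, max_age=60):
    """One query bundle an analyst would run for a suspect hash."""
    current, last_seen = build_index(events)
    return {
        "current": where_is(current, sha256),
        "ever_seen": ever_seen(events, sha256),
        "stale_hosts": stale_hosts(last_seen, now, max_age),
    }


if __name__ == "__main__":
    for k, v in investigate(SAMPLE_EVENTS, BAD_HASH, now=1100).items():
        print(f"{k}: {v}")
```

The two questions are deliberately separate: "where is it now" drives containment, while "who ever had it" drives scoping, and the stale-host list tells the analyst which of those answers came from a machine that has not checked in recently.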

Our element of surprise

For years, as security experts we’ve been forced to fight a blind battle—one where the night sky is devoid of stars; one where our enemies could exploit any weakness in our data visibility. Tomorrow’s data security battle is defined by night vision, enabling you to know where your data lives and moves across all endpoints – at a moment’s notice. It’s defined by the ability to get real-time results from dynamic queries. These new capabilities enable the level of digital trust that you need to drive your organization’s digital transformation journey.

Code42 “night vision” is just one of the transformative changes we’re bringing to the battlefield for data visibility and security. What’s next? Well, those in attendance at our Evolution18 customer conference have seen a few glimpses today. We’ll share more here soon.

Evolution18 Begins Today

We’re thrilled to say that Evolution18, our annual customer conference, kicks off today! We are looking forward to welcoming customers and partners from around the globe to San Francisco. During the next three days, attendees will hear the latest on all the most important topics in data security, connect with industry experts, learn from the pros in our 30+ breakout sessions, get certified on Code42 administration – and, we think, have some fun in the process!

Of course, we understand that not everyone can join us in California. That’s why we plan to post some of the biggest news from the event right here. This includes an exciting announcement about Code42’s newest product, which will take our data security capabilities to a new level, as well as the winners of our annual Evolutionaries Awards. We love to share success stories when we hear them. The awards honor Code42 customers that have demonstrated dedication to delivering the best possible data security and recovery solutions.

We’re also looking forward to sharing event highlights like the keynote speech from Theresa Payton, one of the nation’s leading experts in cybersecurity and IT strategy. Theresa served as the first female chief information officer at the White House, overseeing IT operations for President George W. Bush and his staff. Theresa has already shared some great thoughts on the state of cybersecurity with us, and we can’t wait to hear more.

Stay tuned to the blog all week for more on Evolution18.

Is GDPR-Regulated Data Hiding in Pockets of Your Organization?

Data breaches that compromise critical customer information are the worry that keeps IT people up at night. Unfortunately, what’s considered critical customer information and what you must do to safeguard it has changed dramatically, thanks to GDPR. IT stakeholders at American companies who’ve assumed GDPR does not apply to them may want to take a closer look at what the implications are for U.S.-based companies. GDPR-regulated data can be found in places you might not expect, and the tools you’ve been using to keep track of that data may not provide the visibility you need in case of a breach.

Where does GDPR apply?

First off, don’t assume that being an American company doing business only in the U.S. makes you exempt. GDPR’s territorial scope (Article 3) turns on where the data subject is, not on citizenship: a company with no establishment in the EU is still covered when it offers goods or services to people in the EU or monitors their behaviour, and the personal data it collects in doing so (for example, a contact-form submission from someone in the EU) is in scope. Whether a single unsolicited enquiry by itself brings you under the regulation is a question for counsel; the safe operating assumption is that data about people in the EU must be handled under GDPR.

So where does the data regulated by GDPR live in your organization? The short answer: everywhere your customer data lives and travels within your organization. That doesn’t just mean your CRM system. Employees routinely download and use personal customer information on their endpoint devices, even when company regulations forbid it. You may or may not be surprised to learn that the C-suite is the worst offender at this.

The scope of what counts as “personal data” under GDPR is much broader than you might expect. Most companies already protect obvious secrets like credit card numbers or social security numbers. GDPR (Article 4(1)) defines personal data as any information relating to an identified or identifiable natural person, which pulls in names, e-mail addresses, online identifiers such as IP addresses and device IDs, location data, and anything else that can be tied back to a person, directly or in combination with other data. A narrower set of “special categories” (health, biometric and genetic data, political opinions and the like) gets stricter rules on top of that. So, if you’re capturing it, assume it is worth protecting.

What does data encryption protect against?

Many IT directors hit the pillow every night with the misguided confidence that data encryption will prevent any GDPR-related problems. Unfortunately, that’s not always the case.

Encryption protects data only against an attacker who lacks the keys, or the credentials that unlock them. Full-disk encryption on a laptop does its job when the machine is stolen powered off and the thief has no password; it does nothing when the laptop was taken while logged in or merely asleep with the keys still in memory, or when the password was stolen along with it. Both are common with company-issued employee laptops. It also does nothing against malicious insiders: an employee with valid credentials reads decrypted data as a matter of course, and encryption won’t do a thing to stop them exfiltrating it.

What happens after a data breach?

Talk about sleepless nights for an IT director. For companies that experience a data breach, the hours and days after discovery are usually a mad scramble to assess what’s been compromised and by whom. The time and money spent to unravel the tangles of compromised data in an organization can add up fast. And GDPR doesn’t give you much time: Article 33 requires notifying the supervisory authority within 72 hours of becoming aware of a personal data breach, unless the breach is unlikely to result in a risk to individuals’ rights and freedoms (and where the risk is high, Article 34 requires telling the affected people too). Meeting that clock, or justifying why notification is not required, depends on knowing quickly what data was involved.

The problem for most companies is that they don’t really know where all their customer data is stored. A lot of it can end up on employee laptops and mobile devices. To truly protect their data assets, companies must have a firm understanding of where all their data travels and lives.

Data visibility

Being able to immediately and clearly locate customer data is critical to surviving a breach of GDPR-regulated data. A strong endpoint visibility tool can provide a quick understanding of all the data that has traversed through an environment—and importantly for GDPR, whether that data contains personal information.

An endpoint visibility tool can also tell you with confidence if compromised data does not include personal information that would fall under GDPR. That would prevent you from unnecessarily alerting the authorities.
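As an added example, not part of the original post and not a description of any Code42 product, here is a small Python content-discovery scan of the kind a breach team runs to decide whether a compromised laptop or share held personal data. The indicator patterns (e-mail address, IPv4 address, IBAN-shaped account number) are deliberately simple placeholders, and the files it scans are constructed inside a temporary directory; a real deployment tunes patterns per jurisdiction and adds categories such as national ID formats.

```python
"""Added example (not Code42 code): a minimal content-discovery scan that
reports which files hold personal-data indicators. Patterns are simplified
placeholders; the sample files are constructed in a temporary directory."""
import os
import re
import tempfile
from collections import Counter

# Simplified indicator patterns (assumed for the example, not an exhaustive
# GDPR taxonomy): e-mail address, IPv4 address, IBAN-shaped bank account.
PATTERNS = {
    "email": re.compile(r"\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\b"),
    "ipv4": re.compile(r"\b(?:(?:25[0-5]|2[0-4]\d|1?\d?\d)\.){3}(?:25[0-5]|2[0-4]\d|1?\d?\d)\b"),
    "iban": re.compile(r"\b[A-Z]{2}\d{2}(?: ?[A-Z0-9]{4}){2,7} ?[A-Z0-9]{1,4}\b"),
}
SCAN_EXTENSIONS = {".csv", ".txt", ".log", ".json", ".md"}   # text-like only
MAX_BYTES = 5 * 1024 * 1024    # skip very large files in this first pass


def classify_text(text):
    """Count indicator hits per category in one document (empty if none)."""
    return Counter({name: len(rx.findall(text))
                    for name, rx in PATTERNS.items() if rx.search(text)})


def scan_tree(root):
    """Walk root and return {relative path: Counter} for files with any hit.
    Paths use '/' regardless of platform so results are comparable."""
    hits = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if os.path.splitext(name)[1].lower() not in SCAN_EXTENSIONS:
                continue                      # binaries need a different parser
            if os.path.getsize(full) > MAX_BYTES:
                continue
            with open(full, encoding="utf-8", errors="replace") as fh:
                found = classify_text(fh.read())
            if found:
                hits[os.path.relpath(full, root).replace(os.sep, "/")] = found
    return hits


def contains_personal_data(hits):
    """The yes/no a breach team needs: did any scanned file carry indicators?"""
    return any(sum(c.values()) > 0 for c in hits.values())


def _write(path, text):
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "w", encoding="utf-8") as fh:
        fh.write(text)


def demo():
    """Build a constructed sample tree (a customer export that an employee
    pulled into Downloads, a note with a bank account, a harmless build log)
    and scan it. Returns the hits dict."""
    with tempfile.TemporaryDirectory() as root:
        _write(os.path.join(root, "Downloads", "export.csv"),
               "id,name,email,last_ip\n"
               "1,Anna Muster,anna.muster@example.org,192.0.2.10\n"
               "2,Ben Fall,ben@example.net,198.51.100.7\n")
        _write(os.path.join(root, "notes.txt"),
               "refund to DE89 3704 0044 0532 0130 00 by Friday\n")
        _write(os.path.join(root, "build.log"),
               "compiled 1432 objects in 12.5s, 0 warnings\n")
        _write(os.path.join(root, "photo.jpg"),
               "binary extension: not scanned by this pass\n")
        return scan_tree(root)


if __name__ == "__main__":
    for path, counts in sorted(demo().items()):
        print(path, dict(counts))
```

Counting hits per category per file is what lets you say, inside the 72-hour window, which files must be treated as containing personal data and which (here, the build log) can be set aside; the per-category counts also feed the risk assessment that decides whether notification is required at all.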

Unfortunately, data breaches continue to happen, and there’s no sign of that abating any time soon. When the collection of consumer data is necessary, companies should consider it sensitive and use endpoint visibility tools to protect it.
