Policing the data hinterlands beyond the corporate firewall

Data loss prevention doesn't work – you need data transfer visibility


Comment For Code42, the answer to the universe and everything is getting more interesting as it moves from protecting business users’ PCs and notebooks to providing data access security and monitoring tools.

The US backup company has undergone recent C-level management changes, including making Joe Payne its CEO in July, and its focus has been expanding in recent months, on from CrashPlan back-up and SharePlan – the company's sync 'n’ share offering – and smaller consumer offerings.

It is developing more of an enterprise endpoint data security stance, with increased emphasis on data forensic trails, multi-tier encryption and so on.

The company has eight of its own data centres, available as a public cloud for its users and their data, but it can also send data to public clouds such as Amazon’s. It can also offer managed private cloud services.

Storage and back-up is the backbone of what Code42 does, but the metadata generated doing that is enabling it to bolster the CrashPlan portfolio with security and access monitoring additions coming towards the end of the year.

Andy Hardy, EMEA managing director at Code42, said corporate IT can't protect data outside the firewall: “IT can’t dig the moat deeper and the walls higher, because we’re living in an era of the porous enterprise. What you have to to do is to track your data flow, like your cash flow," he said. "We can help there because of the technology we use and metadata we gather doing back-ups."

“Code42 will focus on which data has changed and where it has gone," he adds. "Users can bypass corporate networks and approved facilities like Google Drive or Box. Code42 can police it or enable it.”

“It’s not about data loss prevention. It’s about data transfer and visibility,” Hardy continues. “I don’t believe any one can prevent data loss. It doesn’t work.”

Its technology makes an MD5 hash of every changed data block. “We keep a track of the data, compress the hell out if it, dedupe it and then we encrypt it.” Its software integrates with a customer’s IAM (Identity and Access Management) software to generate a unique symmetric encryption key distributed to every user on the devices they are using.

The company makes its living at the edge of corporate networks, protecting data, aiding collaboration and facilitating security through data transfer visibility and tracking. It’s going to be extending that side of its product range by the end of the year. ®

Sponsored: Becoming a Pragmatic Security Leader

Biting the hand that feeds IT © 1998–2019