Code42 News

FedRAMP Authorized Code42 Extends Insider Risk Detection and Response to Federal Agencies

5 min Read

Todd Thorsen

Director, Governance, Risk Mgmt & Compliance

An incident or breach caused by an undetected insider threat in the private sector could damage a business’s reputation or significantly impact the organization’s financial wellbeing. But, in the public sector, a similar undetected insider breach or incident could jeopardize our national security. That heightened level of risk is why we’re thrilled to share that Code42 has received a Federal Risk and Authorization Management Program (FedRAMP) Agency Authorization through our partnership with the Department of Energy.  In order to receive FedRAMP authorization, Code42’s offering was evaluated against the FedRAMP “Moderate impact” baseline of control requirements. With that, Code42 is available for use across the federal government and is also available on the FedRAMP Marketplace

Insider Risk in the public sector

Breaches and insider threats in the private sector may get the lion’s share of the headlines, but the public sector is far from immune to insider risk. A Carnegie Mellon analysis of data from the CERT National Insider Threat Center (NITC) Insider Threat Incident Corpus shows that the federal government has, by far, the highest number of serious insider threat incidents detected over the past 20+ years — more than all incidents from state and local governments combined. While alarming, it isn’t exactly surprising that the federal government is such a big target. Just as in the private sector, the offending insiders in the public sector tended to be in trusted positions, and most exfiltrated data during normal working hours. After 2020, Insider Risk is on the rise — the 2021 Data Exposure Report found that employees are 85% more likely to leak data today than they were before COVID. 

Stepping up insider risk detection in the federal government

It’s not that federal agencies don’t understand the consequences of Insider Risk; on the contrary, they are quite well versed and have been managing and setting best practices on insider threat programs for nearly a decade. In fact, way back in 2011, Executive Order 13587 mandated that all federal government agencies that operate or access classified computer networks implement an insider threat detection and prevention program — including the capacity to monitor and analyze the information from insider threats. But nearly ten years later and with growing cloud adoption, there are exponentially more ways for insiders to exfiltrate data. The truth is that most federal agencies’ insider threat programs likely are built around traditional tools like data loss prevention (DLP) products that weren’t designed to handle the modern reality of ultra-portable data and widespread collaboration and file sharing — and simply can’t keep up with today’s resulting Insider Risks to data.

Code42 gives federal agencies a new insider risk toolset

Unlike conventional security tools that take singular views of risk, Code42’s solution detects Insider Risk Indicators across files, vectors, and users to speed insider threat response. Code42 evaluates and protects data from risk created by employee and contractor departures and actions, strengthens litigation against data theft and secures remote and collaborative work for employees and contractors. Our solution quickly surfaces Insider Risks to a federal agency’s most sensitive, valuable and vulnerable files and information, so security teams can respond immediately and effectively — before damage is done. The solution tracks files as they are attached to web-based emails, uploaded to web applications, and moved to USB sticks and external hard drives. As part of its offering, Code42 also preserves a copy of all versions of all files on a user’s computer. This data can be used for forensics or to recover data after theft, ransomware, hardware or software failure.

Demonstrating our commitment to the highest security standards

FedRAMP Authorization requirements include some of the very highest standards for cloud security and data security risk mitigation in the world. Of course, this is meaningful well beyond the public sector: FedRAMP certification should give all Code42 customers reinforced confidence in our ability to secure and protect your data.

We’re quite proud of this achievement and we’re excited to extend our solution beyond commercial and educational organizations to the federal government, helping to protect sensitive federal data that impact us all.

Learn more about Code42 for Government.

Todd Thorsen

Todd Thorsen, CISSP, CISM and CIPP/US, is a director of governance, risk mgmt and compliance at Code42. Previously, Todd led the enterprise third-party security team, where he was responsible for third-party security, privacy and compliance across all retail, banking and healthcare operations.