Code42, the leader in insider threat detection, investigation and response, announced it has achieved the Federal Risk and Authorization Management Program (FedRAMP) Ready designation, which enables Code42 to work with the Joint Authorization Board (JAB) for prioritization toward a Provisional Authority to Operate (P-ATO). In order to achieve the FedRAMP Ready designation, Code42 underwent a capabilities assessment of critical security controls to ensure that federal organizations can use its multi-tenant, cloud-based insider threat solution to detect, investigate and respond to data loss, leak theft and sabotage.
Currently, Code42 is working toward two FedRAMP authorizations. In addition to pursuing a P-ATO from the JAB, the company announced, in January 2020, that it achieved an In Process designation in its pursuit of an Agency Authority to Operate (ATO). FedRAMP is a government-wide program that provides a standardized approach to security assessment, authorization and monitoring for cloud services, and is one of the most stringent compliance processes a vendor can undertake.
"The FedRAMP designations not only give our customers confidence that Code42 is a trusted cloud service provider committed to the highest standards in data security, but also make it easier for federal government agencies to adopt Code42 solutions," said Joe Payne, Code42's president and CEO. "The way people work is fundamentally changing. While cloud-based, collaborative technologies like Slack, Box and Google Drive are making workers more productive, they are also making it easier for them to exfiltrate data. Our cloud-based product provides a layer of security around these applications without blocking sharing. We are looking forward to extending our solution beyond commercial and educational organizations to federal agencies on a path to digital transformation."
Code42's solution surfaces insider threats to trade secrets and other high-value files so security teams can respond when data is exfiltrated. The solution tracks files as they are attached to emails, uploaded to web applications, and moved to cloud accounts, USB sticks and external hard drives. As part of its offering, Code42 also preserves a copy of all versions of all files on a user's computer. This data can be used for forensics or to recover data after theft, ransomware, hardware failure or software failure.
As a next step in the FedRAMP authorization process, Code42 will submit documentation required for JAB prioritization and undergo a full authorization assessment conducted by an independent Third-Party Assessment Organization (3PAO). This designation will give all federal agencies the authorization to use Code42 data security solutions.