Skip to main content

Who is this article for?

Code42 for EnterpriseSee product plans and features
CrashPlan for Small Business 

CrashPlan for Small Business, no.

Code42 for Enterprise, yes.

Link: Product plans and features.

This article applies to Cloud.

Code42 Support

Risk Exposure reference

Who is this article for?

Code42 for EnterpriseSee product plans and features
CrashPlan for Small Business 

CrashPlan for Small Business, no.

Code42 for Enterprise, yes.

Link: Product plans and features.

This article applies to Cloud.

Overview

The Risk Exposure dashboard gives you an overview of the different file activity in your Code42 environment. This dashboard lets you know when there is unusual activity happening, so you can investigate further in Forensic File Search. 

For more information about how to use these dashboards, see How to use the Risk Exposure dashboards for data loss protection.

Considerations

  • This dashboard requires a product plan that includes Forensic File Search and is only visible for users with the Customer Cloud Admin and Security Center User roles. 
  • If your dashboard is empty and shows no data, then you may need to enable endpoint monitoring and connect your cloud services.
  • Endpoint File Activity does not show file activity from before April 22, 2019. This means if you enabled Forensic File Search before that date, you will not see file activity in the dashboard from those days. The file events do appear in Forensic File Search.
  • Cloud File Activity does not show file activity from before July 26, 2019. This means if you added a cloud service to Forensic File Search before that date, you will not see file activity in the dashboard from those days. The file events do appear in Forensic File Search.

Endpoint file activity

To view, sign in to the administration console and select Detection > Risk Exposure

Endpoint File Activity dashboard

Item Description
a Timeframe Displays file activity for the last 90 days, 30 days, or 7 days.
b File activity graph

Displays file activity for the selected file event type. 

c File event details Displays file event details for a specific day. Click a point to see more information about the file events from that day.
d On Removable Media Displays when files have been moved to an external device such as a USB drive or hard drive. 
e Synced to Cloud Service Displays when a file exists in a folder on the device used for syncing with one of these cloud services:
  • Apple iCloud
  • Box
  • Box Drive
  • Dropbox
  • Google Backup and Sync
  • Google Drive
  • Microsoft OneDrive
f Read by Browser or Other App  The file was opened in an app that is commonly used for uploading files, such as a web browser, Slack, FTP client, or curl.
g Activity preview Displays a preview of the graph of the files. 
h # File Events Shows the number of file events for the entire timeframe selected. 
i Total File Size Displays total file size for all exposure events in the selected timeframe.
j # Users Displays the number of users who performed the exposure events.
k Investigate last x days in Forensic File Search Opens Forensic File Search. Forensic File Search is pre-populated with the selected timeframe and exposure type. Learn more about using Forensic File Search.

Cloud file activity

To view, sign in to the administration console and select Detection > Risk Exposure
Visible only with licensing for one or more cloud service data sources

Cloud file activity.

Item Description
a Timeframe Displays file activity for the last 90 days, 30 days, 7 days, or 1 day.
b File activity graph Displays file activity for the selected permission increase type and cloud service.
c File event details Displays file event details for a specific day. Click a point to see more information about the file events from that day. In the image above, the file event is a permission increase. 
d Public on the Web (Google Drive) Displays when files on your Google Drive are indexed by Google search and are available on the web. Only appears if you are licensed for the Google Drive data source.
e Public via Direct Link (Google Drive) Displays when files on your Google Drive are accessible to anyone with a link. Only appears if you are licensed for the Google Drive data source.
f Public via Direct Link (OneDrive) Displays when files on your OneDrive are accessible to anyone with a link. Only appears if you are licensed for the OneDrive data source.
g Activity preview Displays a preview of the graph of the files.
h # Permissions Increases Displays the number of events where a user changed the permission of a file, folder, or drive from private to public. This applies to both public via a direct link or public on the web.
i Total File Size Displays total file size for all exposure events in the selected timeframe. Does not include Google file types such as Google Docs or Google Sheets.
j # Users

Displays the umber of users who interacted with the file within 5 minutes of when it was made public. This could include the user who changed the permissions or a user who interacted with the file shortly after the permission change.

  Investigate last x days in Forensic File Search Opens Forensic File Search. Forensic File Search is pre-populated with the selected timeframe and exposure type. Learn more about using Forensic File Search.