Data Preferences reference

Last updated
Save as PDF
Share
1. Share
2. Tweet

Who is this article for?

Code42 for EnterpriseSee product plans and features

CrashPlan for Small Business

CrashPlan for Small Business, no.

Code42 for Enterprise, yes.

Link: Product plans and features.

This article applies to Code42 cloud environments.

Overview

Data Preferences settings enable you to exclude file activity from IP addresses and domains you trust from dashboard visualizations, alerts, and search results in Forensic Search.

Considerations

Trusted domains requires a Code42 product plan that includes File Metadata Collection. If you need assistance with licensing, contact your Customer Success Manager (CSM). If you're not sure how to reach your CSM, email csmsupport@code42.com.

Trusted domains

To view and edit trusted domains:

Sign in to the Code42 console.
Navigate to Administration > Settings > Data Preferences.
Select the Trusted domains tab.

Configure trusted domains

Item Description

Domain list

Item	Description
a	Domain list	List of domains you trust. File events from domains in this list are excluded from: Data on the Risk Exposure dashboard Alerts File event counts for Departing Employees, High Risk Employees, and User Profiles Forensic Search results including the following search criteria: The Trusted Activity filter with the value Exclude (applies to endpoint and email events) The Exposure Type filter with the value Outside trusted domain (applies to cloud events)
b	Edit	Click Edit to add or remove domains. To add multiple domains, enter a comma-separated list. Use the asterisk () character as a wild card for partial domain names. For example, enter `.corp.example.com` to trust any domain ending with ".corp.example.com." File activity on a specific domain is only considered trusted starting the date the domain was added to this list. File activity that occurred before the domain was added is considered untrusted.
c	Trusted Domains for OneDrive	Determines whether files shared outside your domain via OneDrive are included in dashboard visualizations, alerts, and Forensic Search results when you specify the Exposure Type is Outside trusted domain: On: All files shared externally via OneDrive appear in dashboard visualizations, alerts, and Forensic Search results when you specify the Exposure Type is Outside trusted domain. Off: All files shared externally via OneDrive are considered to be shared with a trusted domain, and do not appear in dashboard visualizations, alerts, and Forensic Search results when you specify the Exposure Type is Outside trusted domain. Domain-specific exceptions cannot be applied to OneDrive because Code42 cannot detect the email addresses the file was shared with. This means the only domain you can configure to “trust” is your internal OneDrive instance. Only appears if you are licensed for the OneDrive cloud data source.

List of domains you trust. File events from domains in this list are excluded from:

Data on the Risk Exposure dashboard
Alerts
File event counts for Departing Employees, High Risk Employees, and User Profiles
Forensic Search results including the following search criteria:
- The Trusted Activity filter with the value Exclude (applies to endpoint and email events)
- The Exposure Type filter with the value Outside trusted domain (applies to cloud events)

Edit

Click Edit to add or remove domains.

To add multiple domains, enter a comma-separated list.
Use the asterisk (*) character as a wild card for partial domain names. For example, enter *.corp.example.com to trust any domain ending with ".corp.example.com."
File activity on a specific domain is only considered trusted starting the date the domain was added to this list. File activity that occurred before the domain was added is considered untrusted.

Trusted Domains for OneDrive

Determines whether files shared outside your domain via OneDrive are included in dashboard visualizations, alerts, and Forensic Search results when you specify the Exposure Type is Outside trusted domain:

On: All files shared externally via OneDrive appear in dashboard visualizations, alerts, and Forensic Search results when you specify the Exposure Type is Outside trusted domain.
Off: All files shared externally via OneDrive are considered to be shared with a trusted domain, and do not appear in dashboard visualizations, alerts, and Forensic Search results when you specify the Exposure Type is Outside trusted domain.

Domain-specific exceptions cannot be applied to OneDrive because Code42 cannot detect the email addresses the file was shared with. This means the only domain you can configure to “trust” is your internal OneDrive instance.

Only appears if you are licensed for the OneDrive cloud data source.

IP addresses

Listing your in-network IP addresses enables Code42 to label activity from any IP address not on this list as Remote activity. Many areas throughout the Code42 console use this list of IP addresses to identify remote file activity. Listing your in-network IP addresses enables you to customize search results and dashboards to include in-network activity, remote activity, or both.

To view and edit IP addresses:

Sign in to the Code42 console.
Navigate to Administration > Settings > Data Preferences.
Select the IP addresses tab.

Configure IP Addresses

Item		Description
a	Add	Click to add a new IP address or range.
b	IP addresses	The in-network IP address or range. Supported formats: A single IPv4 or IPv6 address. For example: `192.0.2.0`. A range of addresses using CIDR block notation format. For example: `192.0.2.0/24`. VPN activity If you consider file activity from devices connecting over a VPN to be “in-network,” add the IP addresses of your VPN network here. To consider VPN traffic as remote activity, do not include IP addresses for your VPN.
c	Description	The description entered for this IP address or range. Descriptions are limited to 50 characters.
d	Created	Indicates when this entry was added to the list of in-network IP addresses. Date and time are reported in Coordinated Universal Time (UTC).
e	IP last modified	Indicates when the IP addresses value was last updated. Updating only the Description does not affect this timestamp. File activity from an IP address is identified as in-network beginning the date it is added to this list. File activity from an IP address that occurred before it was added to this list is considered remote activity. Date and time are reported in Coordinated Universal Time (UTC).
f	Edit	Click to edit the IP addresses or Description for this entry.
g	Delete	Click to delete this entry from the list of in-network IP addresses.

Overview

Considerations

Trusted domains

IP addresses

Related topics