Who is this article for?
Incydr Professional and Enterprise, yes.
Incydr Basic and Advanced, yes.
CrashPlan Cloud, no.
Other product plans, yes.
CrashPlan for Small Business, no.
This article applies to Code42 cloud environments.
As part of your insider risk detection strategy, allowing Code42 to access your email services enables you to capture information about the attachments that your users email to other recipients.
See the articles listed below to learn how to authorize Code42 to start capturing metadata from your email service.
- Email services are not available in the Code42 federal environment.
- Your product plan must include at least one email service. If your license expires, the email connection is deauthorized within 24 hours. If you need assistance with licensing, contact your Customer Success Manager (CSM). If you do not know your CSM, please contact our Customer Champions.
- To connect to the email service, you must have the appropriate permissions in the email service as well as in Code42.
- Gmail: You must be a Google Workspace administrator with a Super Admin role to authorize the connection to Code42
- Microsoft Office 365 DLP and Microsoft Office 365 email services: You must be a global administrator in Office 365 to authorize the connection to Code42
- Code42 only monitors email attachments. Email message content is not accessed, monitored, or changed.
Code42 temporarily streams files from your cloud or email service to the Code42 cloud to calculate the file hash. This may be reported as users downloading files.
Code42 never stores file contents or writes them to disk during this process.
Supported email services
Code42 supports connection with the following email services. Follow the instructions in the linked articles below to connect your email environment to Code42.
- Allow Code42 access to Gmail
- Allow Code42 access to Microsoft Office 365 email (non-DLP)
- Allow Code42 access to Microsoft Office 365 DLP email
Email attachment monitoring differs slightly between Gmail, Microsoft Office 365 DLP, and Microsoft Office 365:
- Gmail and Microsoft Office 365: Once authorized, Code42 captures file and message information about all attachments that are emailed through your organization's environment from that point forward. For Gmail, emails sent by all users are monitored for attachments. For Microsoft Office 365, only the emails sent by users with a subscription that includes Advanced Audit are monitored.
- Microsoft Office 365 DLP: Once authorized, from that point forward Code42 only captures file and message information about email attachments that are detected by a data loss prevention policy in Microsoft Office 365 Security & Compliance Center. You can also open these attachments directly in Forensic Search for further analysis.
When new users are added to your organization's environment, information about the attachments they email also becomes available in Forensic Search automatically.