Activate Compliance Settings for backup data
Who is this article for?
Instructor, no.
Incydr Professional, Enterprise, Gov F2, and Horizon, no.
Incydr Basic, Advanced, and Gov F1, no.
CrashPlan Cloud, no.
Retired product plans, yes.
CrashPlan for Small Business, no.
Overview
The Compliance Settings feature makes it easy to configure a variety of settings all at once to support compliance with regulations such as HIPAA, FISMA, and GLBA. This article includes considerations for using Compliance Settings and instructions for activating the feature.
Note that Compliance Settings goes beyond what Code42 requires to support compliance with HIPAA. Use these options if your Code42 environment requires more control over backup data. To learn about other ways to support compliance with HIPAA, see Code42 and HIPAA compliance.
About Compliance Settings
Instead of manually configuring individual settings to support a compliant Code42 environment, click a single button to activate Compliance Settings and make the changes automatically. Because Compliance Settings is a permanent change, activate it once and know the organization's settings will stay in a compliance-supporting state, without the need to continuously monitor or update the settings in the Code42 console.
Activating Compliance Settings:
- Restricts administrators' ability to access user data.
- Elevates security by requiring users to set passwords to secure their backup data.
- Automatically disables web restores and push restores.
Considerations
Review the following significant considerations before continuing.
Legal
If you are subject to HIPAA regulations, you must obtain a Business Associate Agreement before your Code42 environment can be seen as fully supporting HIPAA compliance.
Compatibility
Compliance Settings is incompatible with Legal Hold, File Search, and user file activity monitoring features, which means you can no longer collect data for a legal hold, search for user files or pattern-matching, or monitor users' file activity. To continue using these features, you must manually configure settings to support compliance.
Security
Compliance Settings upgrade the security level for the organization to archive key password, which means users can restore files only from their Code42 apps, and they are required to enter their archive key passwords to do so. Therefore, administrators cannot perform web restores.
Move users
- If you move a user out of a Compliance Settings organization, the user's backup archive expires immediately, and a new backup starts.
- If you move a new user into a Compliance Settings organization, the user's relevant settings are updated automatically.
Before you begin
If you have an on-premises authority server, you must upgrade the Code42 app on all user devices to version 4.8 or 5.4 or later before enabling Compliance Settings. Upgrading Code42 apps ensures that users are prompted to create archive key passwords the next time they sign in to their Code42 apps.
If your users use SSO and you fail to upgrade their Code42 apps to version 4.8 or 5.4 or later, the users' archive key passwords are set to random, unknowable values, and the users' data are unrecoverable.
Step 1: Disable indexing
You must disable indexing for the organization in which you activate Compliance Settings. This action disables search for data that was previously indexed, and it prevents indexing going forward.
- Sign in to the Code42 console.
- Go to Organizations.
- Select an organization.
- From the action menu, choose Edit.
The Organization Settings dialog appears. - Select Indexing.
If you don't see the Indexing tab, it is not enabled for your Code42 environment. Skip to step 2 below. - Deselect Inherit settings from parent.
- Deselect Index all archives in this organization.
- Click Save.
Step 2: Disable endpoint monitoring
You must disable endpoint monitoring for the organization in which you activate Compliance Settings. This action removes the ability to monitor users' file movements.
- Sign in to the Code42 console.
- Go to Organizations.
- Select an organization.
- From the action menu, choose Edit.
The Organization Settings dialog appears. - Select Endpoint Monitoring.
If you don't see the Endpoint Monitoring tab, it is not enabled for your Code42 environment. Skip to step 3 below. - Deselect Inherit settings from parent.
- Deselect all the boxes under Detection Types.
In version 8.2 and higher, use the Enable endpoint monitoring check box to automatically select or deselect all of the detection types. - Click Save.
Step 3: Activate Compliance Settings
After you upgrade your Code42 apps, disable indexing, and disable endpoint monitoring, activate Compliance Settings for one or more organizations.
- Child organizations inherit the activated Compliance Settings.
- Sibling and parent organizations are not affected.
- Sign in to the Code42 console.
- Go to Organizations.
- Select an organization.
- From the action menu, choose Edit.
The Organization Settings dialog appears. - Next to Compliance Settings in the upper right corner, click Activate.
A confirmation message appears highlighting the changes to the organization's settings. - Read through the information.
- Type ACTIVATE, and select I understand this is permanent and irreversible.
- Click Activate.
External resources
For a detailed explanation of HIPAA requirements, please reference the following resources from the U.S. Department of Health & Human Services: