To help protect you from data loss, you can use Code42 to monitor:
- Reports that are exported from your business data in Salesforce.
- Files that are moved to and from and shared in corporate cloud storage environments (for example, Box, Google Drive, and OneDrive)
- Attachments that are sent through email services (such as Office 365 Outlook).
You can also connect other systems or workflows to Code42 via Incydr Flows, speeding the process for detecting, investigating, and responding to insider risks.
This article provides a brief introduction to adding data connections and configuring Incydr Flows.
- You can register a Google Workspace (formerly G Suite) or Microsoft 365 account in a single Code42 environment only:
- Once as a cloud storage connection, to monitor file movement in Google Drive or OneDrive locations
- Once as an email service connection, to monitor file attachments emailed from Gmail or Office 365 Outlook accounts
- You can only register a Google Workspace or Microsoft 365 account for one Code42 environment at a time. For example, you cannot register a OneDrive cloud storage data connection in one Code42 environment and an Office 365 email service connection in another Code42 environment when both belong to the same Microsoft 365 account.
- You can register two (or more) unique Google Workspace or Microsoft 365 accounts as long as these accounts are not associated in any way.
- Code42 only monitors one domain in a Google Workspace account even though multiple domains may exist in that account. Code42 monitors only the domain associated with the administrator email address that was used to register the Google Drive or Gmail service.
- Incydr Flows are not available in the Code42 federal environment.
Before you begin
Incydr Flows require setup from Code42 Professional Services. Contact your Customer Success Manager (CSM) to engage the Code42 Professional Services team and get started.
Connect to business tools, cloud storage, or email services
You can add connections to Salesforce, cloud storage environments, or corporate email services in the Code42 console from Administration > Integrations > Data Connections.
When you add Salesforce as a data connection, Code42 monitors your Salesforce environment for any reports that are exported from your business data and downloaded to an external location (such as a local drive on an endpoint or to removable media like USB drives).
When you add a cloud storage environment as a data connection, we monitor that environment to capture when a user:
- Creates or uploads a file
- Shares a link to a file
- Shares a file directly with users inside or outside your organization
- Deletes a file
- Modifies a file's contents, name, or location
The following cloud storage environments are available to add:
Configure Incydr Flows
Incydr Flows require setup from Code42 Professional Services. Once Code42 Professional Services adds your Incydr Flows, they appear in the Data Connections list as Automated Integrations. See Configure Incydr Flows for instructions on next steps.
After adding data connections
Once you add a data connection, file information collected from that data connection is available in Code42 and can be searched in Forensic Search, included in alert rules and notifications, and displayed on the Risk Exposure dashboard and in the User Profile.
If you want to stop collecting data from a cloud storage or email service connection, deauthorize it.
After configuring Incydr Flows
The ways you can automate workflows depend on the systems you choose to integrate Code42 with. See Configure Incydr Flows for sample use cases, or contact your Customer Success Manager (CSM) for more information.