Live Now:
Menu
Menu
Menu
50Percent | Proportion of enterprise workloads and related data now occurring in the public cloud, contrary to the expectations of just a few years ago.https://info.flexera.com/CM-REPORT-State-of-the-Cloud |
The entire cloud world is designed to enable data to flow with minimal friction. That fact alone calls for powerful cloud DLP solutions.
Data loss prevention (DLP) solutions aren't new, but have traditionally been substantially endpoint-driven. As even the largest enterprises in the world move toward computing in the public cloud, a new generation of "Cloud DLP" solutions is needed to provide the same kinds of protections.
Endpoint-driven DLP software is focused primarily on data stored in the local computing environment—but cloud computing increasingly takes place entirely in the web browser, with little or no data ever making its way out of the browser sandbox and into the local environment.
This creates a vexing new source of risk, particularly because cloud data "sharing" is designed to be as user-friendly as possible, and can often occurs without the related data ever traversing the local network connection at all, much less passing through memory, filesystems, and other local resources.
Cloud access security broker (CASB) solutions, already popular, go some of the way toward mitigating against this risk, but tend to lack specific controls around content and data, and often miss the holistic use envelope—things like copying and pasting sensitive data from a cloud application into another tab containing cloud-based email applications.
Addressing cases like these requires a purpose-built solution able to straddle the local environment and the cloud and remain sensitive to both the content and rules around the data in question and the way in which cloud services interact with each other and with the local environment, and often comprise components in the local environment, in the browser, and in the API space of the cloud services, all working in concert.
Cloud DLP solutions step into the breach here, bringing DLP into the cloud age to ensure that sensitive and confidential data is safeguarded by sound controls.
Plurilock AI DLP, Symantec DLP, Forcepoint DLP, and Netskope DLP are examples of DLP platforms that can be used to ensure that sensitive data isn't shared, uploaded, downloaded, or copied without permission.
For an example of DLP in action, imagine the following scenario. An overexcited employee is shown a new discovery inside the company. It's an exciting discovery whose value is considerable, and despite rules against doing so, they very badly want to share this discovery with their friends and family.
Because the company has DLP in place, when they attempt to email a copy of the technical slide deck to their best friend, the email is blocked by DLP before it ever leaves the company. They attempt instead to upload it as a file to Google Drive to share there, but that upload is also blocked by DLP. They decide to just copy and paste it into a Messenger chat, but find that they are unable to copy or paste it.
This is an example of DLP doing its job. An organizations make rules about what kinds of content, what types of information, what keywords, and so on, can be shared by whom. Once these rules are in place, the data is protected—the ability to access, download, upload, share, even copy and paste data of various kinds is managed by the DLP platform.
Whether you use the affordable, powerful Plurilock AI DLP platform or some other platform, if you are a business owner or manage an organization of any size, DLP is an important part of your cybersecurity toolkit.
