50Percent | Proportion of enterprise workloads and related data now occurring in the public cloud, contrary to the expectations of just a few years ago.https://info.flexera.com/CM-REPORT-State-of-the-Cloud |
The entire cloud world is designed to enable data to flow with minimal friction. That fact alone calls for powerful cloud DLP solutions.
Data loss prevention (DLP) solutions aren't new, but have traditionally been substantially endpoint-driven. As even the largest enterprises in the world move toward computing in the public cloud, a new generation of "Cloud DLP" solutions is needed to provide the same kinds of protections.
Endpoint-driven DLP software is focused primarily on data stored in the local computing environment—but cloud computing increasingly takes place entirely in the web browser, with little or no data ever making its way out of the browser sandbox and into the local environment.
This creates a vexing new source of risk, particularly because cloud data "sharing" is designed to be as user-friendly as possible, and can often occurs without the related data ever traversing the local network connection at all, much less passing through memory, filesystems, and other local resources.
Cloud access security broker (CASB) solutions, already popular, go some of the way toward mitigating against this risk, but tend to lack specific controls around content and data, and often miss the holistic use envelope—things like copying and pasting sensitive data from a cloud application into another tab containing cloud-based email applications.
Addressing cases like these requires a purpose-built solution able to straddle the local environment and the cloud and remain sensitive to both the content and rules around the data in question and the way in which cloud services interact with each other and with the local environment, and often comprise components in the local environment, in the browser, and in the API space of the cloud services, all working in concert.
Cloud DLP solutions step into the breach here, bringing DLP into the cloud age to ensure that sensitive and confidential data is safeguarded by sound controls.
Need Data Loss Prevention solutions?Plurilock offers a full line of industry-leading cybersecurity, technology, and services solutions for business and government.
Talk to us today.
Data loss prevention (DLP) tools enable organizations to implement controls on who can act on data, in what ways, based not only on file or resource-level access controls, but on awareness and classification the substance of the data as well.
DLP software platforms often consist of a variety of components notably including endpoint controls that enable policy to be set around the means by which data is transmitted or shared—file copy and send operations, clipboard copy and paste, email and other communications channels, and storage devices, among other things.
From an integrated perspective, data loss prevention also includes considerations around physical and building security, policy and procedure, and other factors that help to protect organizations' most sensitive and confidential data.
As cloud computing grows, data loss prevention is also evolving to include controls and policy to manage how data moves through and between cloud systems, in many cases never traversing local endpoints or local networks at all.
