If you’ve been reading about data breaches and data loss for a while, you will have come across a few idioms to describe the significance of data to the modern enterprise, such as “data is the new oil”, “data is the crown jewel” or “data is the lifeblood of your company”.
While these are cliches, they’re also true. Data is everything. You need it to run your business, get in touch with customers, close sales, run marketing campaigns etc. You name it; data powers it.
But data is also often inherently sensitive: personally identifiable data, protected health information and intellectual property are swirling around the networks and applications of modern enterprises.
If this data gets into the wrong hands, malicious actors could use it for fraud or identity theft. Protecting it is pivotal. That’s why regulations such as GDPR, HIPAA and PCI-DSS mandate strict controls around data protection.
One of the best ways to protect your data from leakage or theft is through data loss prevention (DLP). Below, we’ll explore how DLP works and what you should look for when shopping for a provider this year.
What is DLP?
DLP refers to a category of digital solutions and policies that work together to identify, classify and secure sensitive information in use, at rest and in motion.
- Data at rest: This refers to data that is not actively being used. It can be stored in a number of places, including the cloud or on a hard drive. DLP protects this data using encryption.
- Data in motion: This is data that is in transit between two places – for example, through the internet. Using traffic analysis tools and encryption, DLP safeguards this data as it travels.
- Data in use: This defines data that a user is interacting with, like editing a document or attaching a sensitive file to an email. DLP monitors and protects this data from unauthorized access through real-time analysis as needed.
DLP’s ultimate goals are to ensure that your sensitive data stays where it should and is only accessed and used by authorized personnel.
DLP used to be a network security solution, but DLP vendors are pivoting to focus on data security in SaaS applications with the proliferation of cloud services. This is because, slowly but surely, enterprises are forgoing on-premises servers in favor of the cloud.
A recent report found that enterprises invested nearly $130 billion in cloud services globally – increasing last year’s total enterprise spending by 45% ($85 billion). At the same time, enterprises worldwide continue the trend of lowering spend on data center hardware and software, reducing total expenditure to just $90 billion in 2020 (another 6% drop).
Clearly, the cloud is here to stay, which mandates the need for new data security solutions that extend protection outside of the network. This is where Cloud DLP comes in – a tool for securing sensitive information in cloud applications like Slack, Google Drive, Teams and more.
DLP is often a legal requirement for organizations in highly-regulated industries like healthcare and finance. Beyond that, though, it can solve a number of issues, including:
- Helping you to secure intellectual property that, if leaked or stolen, could damage your brand’s reputation
- Securing sensitive data to prevent data theft of breaches
- Reducing the risk of human error, whereby employees share data or use it carelessly
- Improving the security culture in your organization
- Optimizing auditing requirements through automation
How does DLP work in practice?
We like to use the analogy of DLP as a small, invisible and intelligent lock that protects your company data. Only users you have authorized – and verified – get the keys to access this data.
Through predefined policies, real-time alerts and remediation tools, these solutions also help you monitor, respond and protect against any employee – or unauthorized third party – who is trying to break the lock without access.
Here’s what that looks like in real-time:
- Identification: Through real-time monitoring, DLP discovers potential threats to data security based on predefined policies combined with its self-learning engine
- Sounding the alert: The solution alerts the security team to the threat for visibility.
- Enforcing remediation: At the same time, DLP automatically encrypts the data in question to prevent a data breach.
- Reporting: To meet compliance standards and audit requirements, DLP provides reporting functionality so organizations can prove that data is being used correctly and any incidents have been avoided.
What about native cloud DLP controls?
Most of the leading cloud platforms, including Google Drive and Slack, offer native DLP and other security solutions. Don’t make the mistake of thinking these DLP solutions are robust enough.
While satisfactory for covering the basics, these security controls are infamous for causing data leakage. They are easily corrupted by misconfigurations, human error and vulnerabilities. Moreover, if you need to comply with HIPAA or PCI-DSS, these native controls will not meet compliance requirements.
This is not to say that you shouldn’t use these controls. More, you should treat them as a foundation and layer more robust, granular security controls on top in the form of third-party cloud DLP.
Data loss prevention software: things to consider
The DLP market has faced a lot of disruption recently. Traditional email and network DLP providers are no longer fit for purpose and are being superseded by cloud-based DLP vendors, who focus on protecting data where it’s at most risk: in the cloud.
As you look for a cloud-based DLP provider, here are some questions to bear in mind:
- How easy is the solution to deploy?
- Does it discover unstructured and structured data in cloud environments?
- Does it feature a central administration interface that is easy to use?
- Can the solution automatically generate reports for reporting/auditing requirements?
- Does the solution use automation and artificial intelligence to accelerate DLP, so that it becomes a low-intervention task?
- Can the solution take preventive action – e.g. alerting users to risky behavior so they learn from mistakes?
- Does the solution use proxies or APIs? (Hint: you want APIs, as we discuss here)
Your data is vital – protect it wisely
Don’t rush into anything if you’re in the market for a DLP solution. Buying DLP for DLP’s sake won’t guarantee that your data is protected. In this day and age, legacy DLP tools don’t provide the visibility and real-time protection capabilities you need in the cloud. So, look for a cloud-based DLP solution that protects your data in SaaS apps.
Polymer’s context-driven risk recognition underpins an autonomous platform that learns from historical usage patterns. This self-learning engine can then predict and prevent privacy violations before they occur.
Polymer also helps to foster a security-aware culture. Our solution nudges users when sensitive data is shared un-securely and has proven to reduce sensitive data traffic over SaaS platforms by over 50% within four weeks.
Polymer SaaS DLP prevents sensitive data exposure accross modern collaboration tools like Slack, Dropbox, Zoom, GitHub, Jira, Zendesk and more with alerting & real-time redaction of sensitive and regulated information such as PII, PHI, financial and security data. All without slowing the business.
By the Polymer Team