TL;DR

  • Data loss in Google Drive is a huge issue – and many companies don’t even realize it’s happening!
  • Google’s native DLP isn’t robust enough for 100% security, so you need to look elsewhere
  • We advise leveraging a CASB 2.0 that uses APIs for maximum protection

If your company uses Google Workspace – that is, applications like Google Drive, Google Docs and Google Sheets – you need to have cloud DLP in place. 

While Google’s native DLP covers the basics, it’s not dynamic and robust enough to protect you from compliance violations under GDPR, CCPA and HIPAA regulations. It doesn’t manage the people. You need to manage the people and their actions sharing sensitive data.

In this day and age, where a data breach can cost upward of $3 million, you can’t leave DLP to chance. You need a solution that you know will work – every time. 

Below, we’ll dive into the world of cloud DLP: what it is, why you need it and how it works. 

Let’s go! 

What is cloud data protection?

Cloud data protection encapsulates several technologies and policies that work together to protect sensitive data in your cloud environment. A good cloud data protection solution will work across your cloud apps – like Slack, Google Workspace and Teams – to discover and protect sensitive data in any format. By format, we mean that the data may be in a document, chat, spreadsheet or PDF. No matter where it is, you need a solution that can find it and protect it!

What does that protection look like? Well, it depends on the context. Suppose an unauthorized user is trying to access sensitive data. In that case, the solution can automatically block the action or redact the sensitive data from the contents. This contextual awareness is pivotal to ensuring that employees remain productive. 

You should also look for a solution that takes advantage of automation. Let’s face it. Today, IT and security teams are time-pressed and stressed. A DLP solution that constantly flags alerts adds to their to-do list. You want a solution that’s fast, intelligent, automated and self-learning. 

Why does Google Drive need additional data protection? 

In a landscape where budgets are tight, we understand that investing in another technology solution might be off-putting. But you really need cloud DLP. Here’s why. 

  1. Cloud data leaks and misconfigurations are prevalent 

IDC research shows that 80% of the companies say they have suffered at least one cloud data breach in the past 18 months. Worse still, almost half (43%) admitted they had ten breaches or more during that same one and one-half year period. 

These data breaches aren’t the work of hackers. Instead, they’re caused by errors on the customer side: misconfigurations, poor access controls and a lack of visibility. 

The beauty of Google Drive is that you can access it from anywhere on any device. It’s great for flexible working and employee productivity. But you can also see how it’s a data protection nightmare! With so many endpoints to protect and so many users, it’s almost impossible for the IT team to ensure that the data in Google Drive is safe.

That is, unless you have cloud-based DLP. With an agentless architecture, cloud DLP can protect sensitive data in the cloud no matter who tries to access it. This solution is one of your best defenses against cloud misconfigurations. 

2. The skills gap won’t plug itself! 

87% of security leaders are suffering skills shortages in their companies. Over a third (35%) say positions go unfilled for longer than three months. 

Cloud usage has only added to the pressure on short-staffed security personnel. Unless you have the right tools in place, the cloud is kind of like an opaque force. You know your people are using it, but you’re unsure what they’re accessing and where your data is.

Security teams are also contending with alert fatigue, whereby their solutions are constantly raising red flags that need their attention – some of which end up being false positives! Research shows that security staff spend an average of 30 minutes for each actionable alert, while 32 minutes are lost chasing each false lead.

Google’s native DLP only adds to alert fatigue. You need a more intelligent solution, which takes the stress away from your teams rather than add to it! Cloud DLP like ours is perfect for this. With a self-learning engine, Polymer’s DLP naturally learns what your company’s sensitive data looks like and protects it, without your IT team needing to intervene. 

3. Employees will always mistakes

Human error is, well, part of being human. But regulatory bodies aren’t forgiving about mistakes. They expect you to counteract human error with the right mixture of policies and security solutions.

DLP has long been known as one of the best countermeasures to human error. DLP can remediate mistakes where your employees go wrong, ensuring that no data is lost. Our Cloud DLP solution also features in-app nudges, which teach your employees about security policies as they work.

4. You have security responsibilities under the cloud’s shared responsibility model 

In Google Workspace, Google is responsible for securing its underlying infrastructure. But you’re responsible for ensuring that only the right people access your data within the suite. 

Many companies forget this. They assume that, because Google is secure, their data is secure. This simply isn’t the case! You’re responsible for access controls, secure sharing and configurations. So, make sure you’re doing your part by implementing cloud DLP! 

How does cloud DLP work? Is it the same as a CASB? 

Ok, here’s the nerdy stuff. So, how does cloud DLP work? How can it protect data no matter where it is? It comes down to architecture. 

You should look for a solution that leverages APIs providing security and monitoring. This means they can secure both managed and unmanaged traffic, ensuring no security gaps. 

To that end, there is some overlap between cloud DLP and CASBs. Cloud DLP is essentially the most advanced form of CASB – we like to call it CASB 2.0 or even Data Exposure Prevention DEP.  

Older CASBs don’t give you the same visibility as cloud DLP or a CASB 2.0. We’ve discussed this in more detail here

Ultimately, you need to act quickly if you’re using Google Workspace without cloud DLP! Your sensitive data is at risk, and you can’t leave data protection to chance. 

The good news is that we’re here to help. Our CASB 2.0 framework protects against data loss (DLP) on modern collaboration tools like Google Workspace, Slack, Dropbox, Zoom, GitHub, Jira, Zendesk and more with alerting & real-time redaction of sensitive and regulated information such as PII, PHI, financial and security data. Polymer DEP prevents sensitive data exposure across your SaaS apps without slowing your business.

SHARE

Get latest blogs delivered to your inbox