Companies are very concerned about data loss. For a second consecutive year, the Allianz Risk Barometer 2023 ranked cyber risks as organisations’ leading concern. Ransomware and data theft, in particular, feature prominently.
This result is not a surprise, says Gerhard Swart, chief technology officer at cybersecurity company, Performanta. “Professional organisations have realised the importance of data, and how delicate and vulnerable data is. One well-targeted ransomware attack could destroy them. They also have a struggle with managing data–there is a lot of it, spread across many devices, sites and servers.”
These reasons fuel the adoption of data loss prevention (DLP) solutions, specifically DLP in the cloud. While some still think of DLP as a data backup product, true DLP represents a collection of tools, processes and policies that govern data access and movement.
Yet, at least half of organisations haven’t added DLP, according to Gartner surveys. For all of its benefits, DLP can be complex and expensive, not to mention disruptive to users. But as companies increasingly use the cloud as part of their data management, many have started adding cloud DLP services.
DLP in the cloud creates many advantages, such as integrating different data sources, tracking data movement, and making data accessible to branches and remote employees. The cloud’s intuitive scale and modularity also make it simpler for companies to adopt cost-effect DLP, often as part of a larger public cloud platform (such as Azure or AWS) or as a managed service from a security provider.
“DLP and the cloud are a very powerful combination, especially since today’s data moves around more freely and beyond traditional company parameters. But we should be careful because while the cloud lowers DLP requirements, it also introduces several complexities that customers mustn’t ignore,” says Swart.
Companies can apply several measures to improve their DLP security in the cloud:
* Audit access: Identify and remove unnecessary access to data, particularly among super admin, executive and former employee accounts.
* Check configurations: Criminals love to exploit misconfigurations, especially integrations between cloud and on-premises systems – uncover these with regular audits and integrity tests.
* Classify data dynamically: Use automated processes and artificial intelligence to dynamically audit and classify data, including new data and data stored on user devices or in cloud services.
* Encrypt high-risk data: Give greater priority to the security of high-risk data, such as always encrypting it before transfers between different sites or devices.
* Automate policies: Create usage and storage policies for different data tiers, then enforce these with automated processes focusing on data types, location, users and other considerations.
* Use a security service partner: The best results come from working with a managed security service partner that can conduct audits, test configurations, manage alerts, and integrate DLP with a more extensive threat detection and security operations ecosystem.
“DLP adds additional security to data environments, including backups but also live data. It has become more popular as data volumes expanded, and today’s major enterprises rely on intelligent and automated DLP systems to secure their data. DLP is also about data governance; as more regulations dictate better data management and oversight, DLP has become the foundation to deploy and manage policies for governance and legal obligations, such as GDPR [General Data Protection Regulation],” says Swart.