Key Questions for Cloud DLP Transformation
Published 02/04/2022
Written by Amit Kandpal, Director - Customer Success at Netskope
Based on prior, documented deployments of many DLP transformation programs (as companies adjust to the new cloud-first security stack), there are some critical and fundamental aspects that are often not fully understood:
- How is DLP different in the cloud compared to the earlier world where most applications, users, and data were within known and defined perimeter? This is important, since in the absence of this understanding, the tendency is to replicate the existing set of policies and a transformation initiative can very quickly become a migration exercise with no significant business value.
- What are the high-impact ways to reduce the risk surface before diving into specific policies, rules, and technical solutions to implement those most effectively? This is important as the lack of this understanding can lead to incident management teams getting overwhelmed with the sheer number of policy violations, leading to results ranging from disruption in user experience to critical violations getting missed out.
- What are the trade-offs for available technologies like Classification, OCR, Fingerprinting, Machine Learning based classification, etc.? The lack of understanding of this aspect leads to the deployment of wrong technologies with unrealistic expectations regarding the precision, accuracy, and efficacy of the solutions, which in turn can derail the entire transformation program.
In this upcoming series of blogs, we will start with focusing on these three aspects:
- The next blog post will focus on a deep dive into the new channels, content types, and technologies that need to be considered and understood.
- The blog after that will cover the logical sequence of steps and policies to progressively reduce your risk surface before embarking on specific DLP policies.
- The final blog post in this series will examine the key technologies available and the use cases they lend themselves well to based on the applicable trade-offs.
Stay tuned for the rest of the blogs in the series!
Related Articles:
The Evolution of DevSecOps with AI
Published: 11/22/2024
It’s Time to Split the CISO Role if We Are to Save It
Published: 11/22/2024
Establishing an Always-Ready State with Continuous Controls Monitoring
Published: 11/21/2024
Managing AI Risk: Three Essential Frameworks to Secure Your AI Systems
Published: 11/19/2024