Why is Cloud DLP the most important technology for SaaS apps?

By Neeraj Nayak, Sr. Manager, Product Marketing at CipherCloud

Data Loss Prevention (DLP) is not a new concept in the market. DLPs have been an integral part of data security software for over a decade. DLP is defined as a set of tools or technology that can detect and classify sensitive content within data - such as files, apps and emails - while at rest, in use or in transit, and apply context-aware data protection controls to prevent the data loss or misuse. Gartner estimates that by 2021, 90% of the organizations will implement at least one form of integrated DLP. DLP, today, is a billion-dollar market and is expected to go beyond 2.5 billion USD by 2020.

So what brings our focus back to DLP today? It is the current distributed workforce situation that has forced organizations to adopt a work-from-home policy for almost all their employees. To ensure business continuity in the current situation, organizations have scaled up their adoption of SaaS applications for remote collaboration, conferencing, and information sharing. This has elevated data as the new King, making it the single most important commodity in the industry. Thanks to the proliferation of cloud services, data, which was earlier secured within enterprise perimeters, has today become the foundation for remote workplace collaboration. And this data needs to be protected. How do you gain full control over data and regulate its movement in the SaaS-mobile environment? How do you prevent data misuse or stealing by cybercriminals? How to prevent accidental data loss? Enter Cloud DLP.

Why is Cloud DLP the key driver for securing remote workforce environments?

Data collaboration in a multi-cloud environment, such as Office 365, Slack, Salesforce or Box, is the new normal for enterprises. Each of these cloud apps comes with its own security management interface and requires individual administration. Moreover employees expect to access cloud resources from their mobile devices, and lack of policies and security controls to manage these access can create an operational complexity nightmare for the DevSecOps teams.

Cloud DLPs define centralized policies to monitor, classify and protect sensitive data across cloud apps and emails - while in motion or at rest - and prevent data leaks through real-time data protection actions such as data encryption, data masking, data deletion, etc. Cloud DLPs extend the enterprise data security controls to the cloud and bring consistency in managing data across multiple SaaS and IaaS apps, and even custom app deployments.

What are the Cloud DLP best practices?

●Discover sensitive content in the cloud: Effective data protection requires a clear understanding of the information residing in cloud apps. Tools such as Cloud Data Discovery can perform a deep scan to provide visibility into the historical cloud data and help Cloud DLPs to classify sensitive content for controlled access and protection.

●Classify sensitive content: The importance of data varies from its access level to the collaboration within users or between cloud apps. Define Cloud DLP policies to classify and label the data (“confidential,” “important,” “sensitive,” “private,” etc.) to pick out the needles from the haystack.

●Define user groups: User roles help create Cloud DLP policies to enable ethical firewalls and restrict file-sharing or email forwards to external collaborators and partners.

●Apply zero trust encryption: Critical data needs to be encrypted, whether at rest or in motion. Cloud DLPs can encrypt sensitive content in the cloud, preventing unauthorized users from viewing the content in plain-text form.

●Define human-centric policies based on user behavior: Supplement your Cloud DLP solution with an integrated advanced detection engine such as UEBA (User and Entity Behavior Analytics) that can perform continuous monitoring of users, apps and devices for real-time detection of anomalous user behavior and blocking access to the data.