Home > Categories > Data Loss Prevention > Cloud Is Cool, but DLP Is a Sticky Wicket

Home > Categories > Data Loss Prevention > Research > Cloud Is Cool, but DLP Is a Sticky Wicket

Cloud Is Cool, but DLP Is a Sticky Wicket

Using the cloud has become second nature for today’s organizations, and in most cases, cloud enthusiasts report an overall security improvement. However, data loss prevention (DLP) remains an issue. The issue is that while cloud providers have bolstered security in recent years (which helped lead to widespread adoption of cloud technology), they have very little power to govern what end users actually use the cloud for, like sharing sensitive information.

In reality, only 30% of cloud-using organizations have DLP policies that extend “across employee devices, the corporate network, and the cloud.” Meaning that in 70% of cases, organizations have little to no oversight of end-user cloud usage. Ironically, this lack of oversight is largely due to the improvements made to cloud security (by the providers), as it has created a tendency for customers to think that cloud security is not their concern. What we are now learning is that the cost of this security smugness is lost data.

Our Take

Most of the time DLP issues are actually data classification issues, and when they’re not, they’re usually privacy-related issues. The good news is that both can be solved with a simple prioritization exercise: get a group together to brainstorm which data repositories hold the most sensitive information and then proceed to evaluate just how sensitive that data is and what kind of protections it needs. For example, if sensitive data is stored on a cloud-based file sharing platform, make sure to configure that platform to prevent unauthorized sharing or downloads.

Want to Know More?

Other Recent Research in Data Loss Prevention

Data Loss Prevention

Qualys and Ivanti Partnership Boasts an Incredibly Robust Vulnerability Management Platform

Qualys VMDR and Ivanti have announced a new partnership dedicated to improving the detection and patching of vulnerabilities. Announced July 30, the Qualys and Ivanti Partnership have already gone live as an integrated component of the VMDR solution.

Data Loss Prevention

Remote Work Landscape Pushes Microsoft to Releases Endpoint DLP and Double Key Encryption Features for Added Data Security

Microsoft recently previewed the specific features to tackle data security and risk management for end users with Microsoft Endpoint Data Loss Prevention (DLP) and Double Key Encryption. The reason for the launch? The increasing shift towards a remote work environment and a need to mitigate the accompanying risks.

Data Loss Prevention

IBM Raises Price on Software Support; Shoves Customers Toward the Cloud

IBM is changing the terms of its ubiquitous Passport Advantage agreement to remove entitled discounts on over 5,000 on-premises software products, resulting in an immediate price increase for IBM Software & Support (S&S) across its vast customer landscape.

Data Loss Prevention

RiskSense Releases a Unified Infrastructure Security Risk Management Program

RiskSense announced on July 13 its new version of the cloud-delivered RiskSense risk management platform. The main draw of the program is its holistic risk calculation across CVEs and CWEs.