For a mature market, DLP is not keeping up with the natural evolution of how sensitive data and files are being accessed, manipulated, and shared.
Every flavor of an as-a-service offering has been increasingly adopted to enable businesses to become more agile. In the process, the IT estate has become more complex, and traditional DLP tools have ultimately become less effective.
One example is within SaaS applications. There’s a large amount of unstructured data — both binary and textual files — that can potentially contain sensitive data that should never enter the public domain. Traditional DLP is not dynamic enough to identify and enforce policy that prevents unstructured data leakage and exfiltration.
“Cloud-first organizations need to look to incorporate granular data access controls across complex environments, such as SaaS,” said Adam Gavish, co-founder and CEO at DoControl.
“All critical SaaS application data activity should be monitored, and secure workflows should be triggered automatically by events that present the risk of data loss.”
Gavish added that scanning for personally identifiable information (PII) in real-time and classifying the PII data and content types that are relevant to the business are both table stakes.
The risk of insider threats is very correlated to why DLP technology exists, so there’s a strong need to incorporate behavioral analytics. A combination of past end-user behavioral patterns and deterministic behaviors will prevent the risk of malicious insiders from exfiltrating sensitive company data.
Solutions that enable dynamic DLP for cloud applications is what the modern business demands, which breathes new life into a very much aging DLP market.