3 vital considerations when choosing cloud data loss prevention tools

Cloud SaaS

by Duncan MacRae| 04 July 2014

Willy Leichter, senior director, CipherCloud, shares his top tips with CBR.

The spectre of data loss and data leakage looms large over many an enterprise. Every organisation has data it needs to protect, whether that data be customer financial information, patient health information or confidential internal documentation or intellectual property. To protect that data when using cloud technology, you need to take control of it through an effective cloud data loss prevention (DLP) solution.

Here are three criteria that Willy Leichter, senior director at CipherCloud believes will help you to identify the best one:

1. Tight integration with cloud applications and existing DLP investments

In most cases, organisations don't just use one cloud application or service. They often use several, and that means their data lives and works not just in one location, but in many, further complicating DLP and compliance issues.

And there's little or no standardisation across different cloud applications, making consistent detection and enforcement a real challenge. To address this, your cloud data loss prevention solution needs to be tightly integrated with every cloud computing service provider your organisation uses. It should also play well with your existing on-premise DLP solutions in order to extend protection across all your enterprise's operations.

You've already made investments in developing content policies and implementing DLP appliances to enforce them. A strong cloud data protection solution can help you make the most out of those investments by extending their power to the cloud. Out-of-the-box integration is ideal.

2. Automated, policy-based enforcement

Let's say your cloud DLP solution is well-integrated with your cloud applications and capable of discovering all the access and activity around your company's sensitive or protected data. Now what?

DLP tools that require a great deal of manual configuration and human response tend to let suspicious activity slip by thanks to the possibilities of human error and human negligence.

Look at what happened to New York-Presbyterian Hospital and Columbia University. A physician chose to connect a personally owned server to the hospital's shared data network for work purposes. It was a well-meaning decision that went bad when they tried to deactivate the server but instead exposed the records of 6,800 patient records, resulting in the largest health privacy settlement to date.

A cloud data protection solution capable of detecting and stopping the out-of-compliance access could have nipped the problem in the bud, before it cost two organisations seven-figure penalties. The best cloud data loss prevention solution will provide automated, policy-based enforcement of an organisation's internal data protection policies, taking response out of human hands wherever possible.

3. Accessibility and ease of use

Finally, even the most sophisticated DLP capabilities won't be much use unless they're easy for administrators to use. Got granular visibility into user and data activity? That's great - as long as those tasked with monitoring that activity can easily see and interpret it.

Got multiple detailed reporting options? Fantastic - if administrators can quickly access the reports they need. Your ideal cloud data loss prevention solution should provide a unified, user-friendly dashboard that's configurable for each administrator's needs.

Comments
Post a comment

Comments may be moderated for spam, obscenities or defamation.
Privcy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.