Bring unity to your DLP this Holiday SSEason
Data. Clive Humby, the British Mathematician said it best in 2006, “Data is the new oil”. These zeros and ones stored in virtually every corner of the world now power industries and hold tremendous power in decisions companies make. Where do I invest, what are my customers doing, and critically, what does the future hold? Alternatively, data can also be used against companies. What if someone gains access to the financial results of a publicly traded company days before the earnings announcement, what if someone gains access to a critical database or file share, what if there is something embarrassing to keep secret? Does that have value? How much would you pay not to impact the stock price? Or have the secret “sauce” not be put on the public Internet?
This is where technologies such as Data Leakage Protection (DLP) come into play. DLP solutions according to Gartner “use data classification labels and tags, content inspection techniques, and contextual analysis to identify sensitive content and analyze actions related to the use of that content. They then monitor data activity and evaluate the appropriateness of attempted actions against a predefined DLP policy that details acceptable uses, in specific contexts, of specific content types or classification labels.”
Traditionally, DLP solutions are offered in three forms –
Enterprise DLP (EDLP) solutions offer centralized policy and management, as well as reporting functions. The solutions are large, and complex and can require large teams to maintain and operate.
Integrated DLP (IDLP) solutions are native to a service or app. This can be applied to email, web gateways, or endpoints. This option is a good method to target areas of concern with DLP without the overhead required by Enterprise DLP solutions.
Cloud-focused DLP solutions address use cases associated with SaaS and public cloud apps. Similar to Integrated DLP, these tend to be point solutions targeted at specific sets of data resident off-prem.
Taken together, the options represent a series of hard choices for the enterprise. Do I go all in and invest in an enterprise solution or select a point solution and limit my security to a select few applications?
A new middle-ground option is now emerging provided by the Security Service Edge (SSE). SSE brings together networking and security in an elegant manner to allow you to both connect and secure your company through what were previously disparate, non-integrated technologies. Because SSE has visibility into the nervous system of the company (the network), it is uniquely positioned to do DLP correctly.
Axis Security, as part of its Winter Release, is announcing several DLP innovations for its Atmos platform.
- Single Policy DLP – Rather than leverage a separate product to do DLP scanning, DLP is embedded as a feature of Atmos. This enables you to include whether or not to include DLP as part of your policy. No need to move between several UI screens or between products. Just check the box to include DLP and select the actions across ZTNA, SWG, and CASB. Easy as that.
- Atmos File Content Control & Atmos File Metadata Control – Control data transfer within files based on patterns and manage file transfers based on various metadata attributes (name, type, size). Make DLP simple and secure across both ingress and egress traffic.
- DLP Visibility – As the network acts as the nerve system for the company, the Atmos Winter Release includes the ability to see the end-to-end data journey and when users attempt to download private data and upload it to email or document-sharing apps. No need to move between interfaces or follow the chain between several applications only lose track of where the data went. Leverage one UI and one data lake to easily track data movements.
- GRC – Atmos now has a new data localization feature within “Workspaces Setting” that ensures customers automatically adhere to compliance standards like GDPR and NIST. Make compliance simple, as it should be.
Taken together, the Axis Atmos Winter Release for DLP, gets you back to what you enjoy:
- Simple-to-understand GRC!!
- Smart, unified DLP policies
- Secure the enterprise
Tis the SSEason!
To see how easy DLP can be, check out our Unified DLP Demo Video.