Widespread trends are changing the way people work, creating the need for a new type of data loss prevention (DLP) solution specifically designed for cloud workflows.
“Going to work” took on a new meaning in 2020. About 56% of the U.S. workforce have jobs they can perform, all or in part, from home – and many did just that during the pandemic. For some, the change will become permanent. Findings in the Global Work from Home Experience Survey indicate that between 25% and 30% of the workforce will be working from home multiple days per week by the end of 2021. Employees who were forced to work remotely proved to skeptical business leaders that it could work. Furthermore, the work-from-home (WFH) model can result in significant cost savings from decreased travel, facility space and upkeep, and other factors – about $3,000 on average for the employee and $11,000 per remote worker for the business. Therefore, employees who can work from home probably will, and they’ll continue to access and share company data from their home offices.
Additionally, many of those employees will use their own smartphones, laptops, and PCs to do their jobs. Finances Online reports 95% of organizations allowed personal device use before the pandemic, and 85% formally implemented bring-your-own-device (BYOD) policies due to COVID-19. Finances Online also reports that data loss is a top security concern for 63% of BYOD organizations.
Businesses that transition workloads to the cloud soon discover that the solutions they used to protect data in on-premises systems are no longer adequate to control and track what employees are doing with sensitive corporate data.
Cloud collaboration solutions allow Work From Home (WFH) employees to share links to cloud documents and files and grant permission for collaborators to edit files, upload data, and even add more collaborators. Employees often have the option to share links that grant permission to read or edit files with anyone who has the link – which creates risks of an unauthorized person accessing that data if the link is accidentally shared, for example, via a “reply all” email.
While those risks are associated with cloud workflows regardless of where the employee is working, they’re compounded when the IT or security team has limited visibility into whether employees are following data security policies because the employee is working from a personal device in a home office.
The solutions that enforced data protection policies when employees used on-premises solutions aren’t designed to work in cloud environments, and cloud access security broker (CASB) solutions often don’t have all the features of a DLP solution.
Without visibility into employees’ activities and the ability to track where data goes, businesses can experience data leakage – and not even be aware of it until a breach is discovered.
The answer is to deploy a cloud-native DLP solution designed to protect data in the cloud. It addresses gaps created by other solutions by:
Working from home on personal devices can result in risks that company data will be stored or shared to employee’s personal accounts. An employee may create a document and save it to the wrong Google Workspace or OneDrive account. Or, a team member may accidentally click on a collaborator’s personal email address and send an email containing a link to sensitive information.
A cloud-native DLP solution alerts the security or IT team when data exfiltration occurs.
Data leaks are often the result of accidents – but sometimes, they’re intentional. For example, an employee about to resign may attempt to steal customer lists, IP or other sensitive information. They may also add their personal email addresses to the list of a document’s collaborators so that they retain access after they leave the company.
Legacy solutions often require installing an agent on the device the employee will use. If the business allows using BYOD devices, this can add time and complexity to deploying the solution – time that companies working to meet customer demands and stay competitive don’t have.
An agentless DLP solution gives employees the freedom to use any devices to do their jobs, whether corporate-issued or personal devices and still provide the same level of data protection.
In addition to providing the visibility security and IT teams needs, the right cloud-native DLP solution also makes it easy for administrators to take action to stop data leakage and address the risks they identify. From a centralized dashboard, they can see activity across all cloud platforms, change permissions, remove collaborators, and more so that they can mitigate risks.
The key is choosing a DLP solution designed to protect data in the cloud rather than settling for limited visibility and control that existing security solutions provide.
For more details into protecting data in a WFH, BYOD cloud environment, download our white paper, The Top 5 Reasons to Trade in Your CASB for Cloud-Native DLP.
Fill in some contact info below or schedule a meeting so we can reach out to provide more details on how Altitude Networks can protect you from data loss in the cloud.