Why it is time to rethink legacy DLP -TEISS® : Cracking Cyber Security
18 December 2018
Stories of organisations that have experienced serious financial and reputational damage from malware and other external cyber-attacks are everywhere these days. What doesn’t get as much press are threats from inside an organisation, despite the fact that they pose just as much danger.
It’s an uncomfortable fact that many organisations don’t want to think about: people inside your organisation pose a threat to corporate data. A recent research paper by McKinsey, Insider threat: The human element of cyberrisk, reports that 50 per cent of breaches between 2012 and 2017 involved insiders. Despite the prevalence of insider incidents, organisations still feel ill-equipped to deal with them. According to the 2018 Insider Threat Report by Cybersecurity Insiders, 90 per cent of cyber-security professionals feel vulnerable to insider threats.
To further safeguard their businesses and data from these internal events, many organisations have implemented data loss prevention (DLP) solutions. Unfortunately, the current generation of DLP products haven’t delivered on their promise.
DLP hasn’t delivered
While the goals of legacy DLP solutions are logical, security teams often describe using these solutions as “painful”. Legacy DLP deployments take months or years, because proper setup requires an extensive data classification process. Building and refining DLP policies to fit unique users is complex and iterative. As a result, employees are often blocked from getting their work done by rigid data restrictions that interfere with user productivity and collaboration. Alerts or “false positives” are frequently generated by normal, benign behaviors that are mistaken for malicious actions. Legacy DLP solutions also require on-site servers, which generate deployment and maintenance costs and run counter to the growing business priority of moving solutions to the cloud.
All of these issues with legacy DLP solutions stem from the same root problem: a narrow focus on prevention. But we know that mistakes will happen and data threats will succeed – which is why prevention alone is no longer enough.
It’s time for businesses to rethink legacy DLP and shift their focus from prevention to protection. Based on this new approach to DLP – next-generation data loss protection – security teams can more quickly and easily protect their organisation’s data while maintaining an open and collaborative culture for their employees.
Unlike traditional DLP, the Code42 Next-Gen Data Loss Protection solution does not require policies or block user productivity, and it deploys in days instead of months. This cloud-native solution protects your cloud data as well as all of your endpoint data, providing a single, centralised view with five key capabilities:
- Collection: automatically collects and stores every version of every file across all endpoints, and indexes all file activity across endpoints and cloud
- Monitoring: helps identify file exfiltration, providing visibility into files being moved by users to external hard drives, or shared via cloud services, including Microsoft OneDrive and Google Drive
- Investigation: helps quickly triage and prioritise data threats by searching file activity across all endpoints and cloud services in seconds, even when endpoints are offline, and rapidly retrieves actual files – one file, multiple files or all files on a device – to determine the sensitivity of data at risk
- Preservation: allows configuration to retain files for any number of employees, for as long as the files are needed to satisfy data retention requirements related to compliance or litigation
- Recovery: enables rapid retrieval of one file, multiple files or all files on a device even when the device is offline, or in the event files are deleted, corrupted or ransomed
With Code42 Next-Gen DLP, you can know exactly where all your data is, how it is moving throughout your organisation and when and how it leaves your organisation – all without complex policy management, lengthy deployments or blocks to your users’ productivity.
For more information, please click here.