Setting up data loss prevention in the cloud
Data loss prevention solutions are designed to prevent sensitive and confidential information from being stored, used, or transferred without sufficient protection. With cloud DLP solutions, the specific aim is to ensure data is not sent into the cloud without being encrypted first. This data is only sent to cloud applications that have been authorized.
The cost of data loss to your business
Calculating the exact cost of a data loss event to your business can be challenging as it depends on how big your business is and how valuable the lost data is. To give you some idea of the potential damage, a study by IBM and the Ponemon Institute found that the average cost of data loss is $3.86 million, with $8.64 million in the United States.
This same study found that the average cost per lost or stolen record was:
- $150 for Customer Personally Identifiable Information (PII)
- $147 for intellectual property
- $143 for anonymized customer records
- $141 for Employee PII
Note that while this report focuses on data loss due to cyberattacks such as malware or ransomware, data can also be accidentally destroyed or corrupted by an unexpected power or connection outage.
The benefits of a data loss prevention strategy
Did you know that 83% of enterprise workloads are expected to be moved to the cloud by 2020? This means data is at more risk than ever before. But with the benefits that cloud DLP solutions offer, you can mitigate those risks.
- Easy integration with cloud solutions providers allows for the scanning of servers in order to identify and encrypt sensitive data before it is shared with the cloud.
- Scan and audit all data already stored in the cloud at any time.
- Automatically enforce enterprise policies by applying chosen controls (prompt, block, encrypt) to sensitive data.
- All relevant parties and data owners get instant alerts whenever data is at risk.
- Provide the visibility and control required to comply with privacy and data protection regulations.
Creating your DLP strategy
Prioritize your data
Not all of your data is equally sensitive or critical, so you should identify which data would cause the most problems if it were stolen. For example, retailers and healthcare providers would obviously rank Customer PII records the highest.
Categorize your data
Developing a system to ‘label’ all your data can seem an impossible task. But sorting data into these different groups makes it that much easier to track its use.
Know when your data may be at risk
This could vary depending on the type of data your business relies on. In certain cases, network-based security and encryption are perfectly adequate. But when data is coming from the cloud solutions you employ or used on an employee device, the risks might change or get higher.
Monitor the movement of data
One of the best ways to prevent data loss is knowing where your most sensitive data goes and how it’s being used. This way, you can identify what existing behavior puts data at risk.
Deploy your strategy in stages
The first step to an effective DLP strategy is getting control of your most critical data. Once you’ve fully developed your plan and you’re comfortable with it, you can expand it to include a subset of less critical but still important data.
The benefits of moving to the cloud cannot be ignored, but your business needs to make sure your data is always secure — no matter where it is. Cloud DLP solutions is just one of the tools you can use to take advantage of those benefits without the potentially crippling loss of important and sensitive data.