-B Swaminathan (cbedit@imaws.org)
While the rise of big data yields tremendous opportunities for enterprises, data leak risk inevitably arises because of the ever-growing data volumes within corporate systems. For the same reason, data breach incidents will become more damaging to enterprises. In many cases, sensitive data are shared among various stakeholders, e.g., business partners and customers. Cloud file sharing and external collaboration with companies, which are becoming more common for today’s enterprises, make the data leakage issue even worse. On the other hand, as the workforce is becoming mobile, employees working from outside the organization’s premises raise the potential for data leaks. In addition, in big data environments, motivations behind cyberattacks on stealing confidential enterprise data are dramatically increased with bigger payoffs and more recognition from a single attack. These factors pose a greater challenge of detecting unauthorized use, access, and disclosure of confidential enterprise data. Here, we list several technical challenges for data leak detection in the era of big data.
According to Manasi Saha of Macaws Infotech, “Organizations are having lack of knowledge and vision while differentiating the sensitive digital asset from other data,lack of proper data security policies, lack of defined usage rights for organizational users, lack of security parameters to prevent data leakage.” Most organisations do not invest in employees’ data security education. If so, it will prevent a massive amount of data breaches inadvertently caused by staff members.
It is all about the attitude of the organizations. Most of them are not giving enough importance to employees’ attitudes and focusing the data security implementation on user behaviour and data transfer patterns, and putting the spotlight on external threats, instead, leads to loopholes in data security. There are also the negligence and human error factors that are part of insider threats and need to be addressed with proper tools and policies. “ In work from home culture users are using unprotected networks while accessing the corporate data. In the case of BYOD systems, lack of endpoint and network protection might lead to data leakage.” , Manasi adds.
Siva Swarup of Cloudace Technologies, one of the leading partners practicing DLP in the South, has his own take on the hybrid model and its challenges. “Organisations that do not address these challenges risk creating a two-tier workforce and losing top talent to those that have actively embraced the challenges and mitigate their risks. Some of the other challenges include dilution of culture: the impact on culture as the workforce becomes dispersed and Seamless connectivity: connecting those that are remote with those in the office”
What partners expect from a DLP leader:
Despite the emergence in the consumer awareness of data leak policies, channel partners’ role is still relevant for unbiased and true opinions. Manasi handles all the key enterprises and she prefers a trustworthy OEM. “Being in the IT Security industry for over two decades we have tied up with several renowned OEMs who are leading Gartner quadrant ,we want to give the best of bid solutions to our esteemed customers.”. Manasi says.
Swarup says that the key expectations from any OEM is that it will confirm that the product will fully meet the customer requirement. “ Some of the other expectations include the origin of the product, response and result in the market and support structure provided by OEM.”, says Swarup who further added another key aspect in today’s market scenario- case locking discipline.
Data classification is most important:
Vishal Bindra, Founder of Klassify calls for a new angle of prioritizing the data before preventing it. “Even though DLP is not a new concept, I see many small companies have started understanding the importance. However, finding the right solution still remains the challenge in the market.”, says Vishal who further adds that many companies had burnt their hands in deploying wrong solutions. “A customer cannot see DLP in the likes of installing an antivirus software. A customer should have complete information on the data they have and how they are going to use it. Having a random DLP software without having the right data classified in the right manner is like installing a CCTV camera without a monitoring mechanism”, he says and concluded that today cloud data leakage is also becoming so important.
Dhruv Khanna, CEO, Dataresolve says, “Thanks to digitalization, whether it is a necessity, passion, or luxury, everything is just a click or swipe away. Passwords protect our lives. On the flip side, however, this has made us susceptible to information leakage, which often results in losing critical information or money. In 2021 alone, data of 86.63 million Indian users were breached till November, including some of the most significant breaches like Air India and Dominos.”
Compared to 2020, there has been a 351.6 percent increase in affected accounts due to data breaches in 2021, which makes data privacy a necessity in today’s world. For enterprises, the risk is even more. Irrespective of the organization’s size, critical information is available to all the employees and can be accessed from multiple devices. Furthermore, in the case of identity theft or violation of industry compliance mandates, organizations can be sued or fined. Therefore, organizations must govern and set policies around data sharing and access to avoid loss of data and dollars.
DataResolve has been addressing this critical need since 2014. Focused on addressing corporate fraud, data leaks, and employee productivity, the company has been ensuring data security across 20+ industry segments and countries. It has secured more than 1 lakh endpoints to date for 200+ customers.
inDefend, DataResolve’s flagship product, is designed to prevent data leakage via various channels and proactively keep you informed of any sensitive data exfiltration attempt on-the-fly. With a 4.4 Gartner Peer Insights rating, it allows you to monitor your employees’ behavioral patterns and pinpoint potential avenues for data exfiltration. This solution is built to achieve complete transparency over all the digital assets residing within your organization.
In an upgrade to the flagship product, the company has also launched inDefend Advanced, a combination of DLP + user activity monitoring + employee productivity. It is a complete insider threat response system monitoring software to allow or block users’ activities at the endpoint.
THIS ARTICLE IS POWERED BY
