Data Loss Prevention: Cloud is the New USB Stick
Thursday 8th November 2018
Trevor Graham & Michael Crossey
For many years companies and government organisations have worried about data loss through uncontrolled use of removable storage, such as USB memory sticks. Some companies, such as IBM, have banned employees from bringing memory sticks into their place of work, others locked down access to USB ports on employee's PCs, and some even resorted to pouring Superglue into the USB port.
Nowadays however, the main threat to data loss is the use of Cloud applications by employees: everything from social media and e-mail through to cloud storage and business applications delivered via Software-as-a-Service (SaaS). These all represent ways in which sensitive, valuable data can be easily moved outside the organization, and potentially compromised.
A case in point is the recent data protection failure at the health insurance organisation, Bupa. Here, a rogue employee was able to extract the personal information of over half a million Bupa customers and send bulk data reports to his personal e-mail account. He then went on to offer the data for sale on the dark web. The subsequent investigation found several inadequacies in Bupa's data protection procedures and systems, including a lack of ability to detect unusual activity.
With the Cloud, there is no equivalent to the Superglue method - apart from banning access to the Internet or prohibiting the use of SaaS applications. This is clearly both undesirable and impractical -the rapid growth in usage of business SaaS apps demonstrates how popular and entrenched these have become, and they can deliver real benefits in productivity, innovation, cost savings and end user satisfaction.
But clearly something needs to be done to protect data as it increasingly moves to the Cloud, particularly for data-sensitive SaaS applications such as Customer Relationship Management. What is needed is a governance and compliance process around SaaS usage - managers need to know which applications employees are using, which departments are using them, whether they are appropriate to the job role, how they relate to critical business processes, and which of them represent a risk of exposure to data loss. Then, they need to monitor the use of those applications to be able to spot anomalous behaviour and quickly take action in the event of a potential breach.
This is where Ampliphae comes in. Our solution unobtrusively monitors traffic flowing from the organisation to the Cloud, using our proprietary technology to identify which SaaS applications are being used across that organisation. We then present a rich set of information to managers, giving them a comprehensive view of which employees, departments and business processes are using the applications, enabling them to control who can access the applications and for what purpose, and, most importantly - to flag suspicious activity so that rapid action can be taken to protect data.
So, organisations no longer need to resort to Superglue or crude, ineffective blanket bans in order to protect data as it moves to the Cloud - Ampliphae can provide advanced, intelligent and non-disruptive monitoring so that users can enjoy the benefits of SaaS without comprising data security.