As the shift to cloud-based IT infrastructure reaches its 10-year milestone, the need for updated data security measures is more apparent than ever. The focus needs to shift from protecting endpoints to safeguarding data where it resides – online, particularly in the browser.
A recently released guide by LayerX titled “On-Prem is Dead. Have You Adjusted Your Web DLP Plan?” (download here) delves into this transition, discussing its origins, potential solutions, and practical implementation examples. Security and IT professionals can use this guide to stay informed and upgrade their DLP strategies.
Key points covered in the guide include:
Importance of DLP
The guide begins by explaining the critical role of DLP in safeguarding data from unauthorized access. DLP solutions classify, assess sensitivity levels, and enforce protective measures to prevent data breaches, malicious activities, and ensure compliance.
Changes in DLP and Data Security
While traditional DLP solutions were designed for on-premises environments, the shift to cloud-based systems has necessitated a new approach. Data now resides in online locations such as SaaS apps and websites, requiring DLP solutions to adapt accordingly.
Strategies for Data Protection
The guide outlines three approaches for security and IT teams:
1. No Change – Maintain current DLP solutions but restrict data uploads to insecure online platforms, a partially effective strategy.
2. CASB DLP – Monitor files within SaaS apps and enforce policies between apps and devices, effective for some sanctioned apps but not all.
3. Browser DLP – Implement data monitoring at the transaction level, enforcing policies across all vectors (devices, apps, and browsers).
Given the browser’s role as the interface between devices and online platforms, adopting a browser DLP approach is ideal. An enterprise browser extension can serve as a browser DLP, monitoring user activities, web page executions, and enforcing security measures.
Sample Browser DLP Policies
The guide provides examples of DLP policies tailored for cloud environments:
- Alerting about attaching confidential files to email web apps.
- Blocking confidential file uploads to personal Google Drives.
- Preventing confidential file downloads to unmanaged devices.
This guide is essential for organizations managing online data security. Read it here.