WebProNews

Tag: Data Loss Prevention

  • One-Third of Organizations Struggle With Data Loss Prevention Systems

    One-Third of Organizations Struggle With Data Loss Prevention Systems

    The Cloud Security Alliance (CSA) has bad news for the industry, saying that nearly one-third of organizations struggle with data loss prevention (DLP) systems.

    The CSA is an organization dedicated to helping secure cloud computing. A survey the organization conducted with Netskope found that DLP solutions are a critical component used in cloud security.

    Unfortunately, that’s where the good news ends. While companies are relying on DLP systems, nearly a third struggle to use them effectively.

    Among the top challenges cited by organizations are management difficulties (29%), too many false positives (19%), the need for manual version upgrades (18%), and deployment complexity (15%).

    “DLP solutions are an integral part of organizations’ data security strategy, but leaders are still struggling with this strategy and the implementation of solutions, especially for how complicated legacy and on-prem based solutions are to manage and maintain,” said Naveen Palavalli, Vice President of Products, Netskope. “These findings highlight the need for a comprehensive and easy-to-use cloud delivered data protection solution that integrates into their existing security controls and is a key tenant of their Zero Trust security strategy.”

    Cloud security is increasingly in the spotlight as more and more organizations experience data breaches at a time when the cloud is becoming integral to more companies and industries.

    The Biden administration has signaled it is preparing to regulate cloud security in an effort to better protect organizations. If the CSA’s findings are any indication, it looks like the industry could use the help.

  • Gmail Improves Data Loss Prevention Features For Enterprise Customers

    Back in December, Google announced the availability of Data Loss Prevention in Gmail for Google Apps Unlimited customers.

    This week at the RSA Conference in San Francisco, Google VP of Security & Privacy Engineering Gerhard Eschelbeck spoke, and announced new features for the DLP solution in Gmail.

    The first feature is optical character recognition (OCR) for better scanning of attachments.

    “Sensitive information can reside not just in text documents, but in scanned copies and images as well,” Google explains. “With the new OCR enhancement, DLP policies can now analyze common image types, and extract text for policy evaluation. Admins have the option to enable OCR in the Admin console at the organizational-unit (OU) level for both the Content compliance and Objectionable content rules.”

    Secondly, Google has added additional predefined content detectors.

    “Our Work customers span the globe, and we are committed to providing customers in all countries with plug-and-play DLP policies,” it says. “Towards this goal, we are pleased to announce the introduction of new detectors which cover personally identifiable information (PII) in several additional countries, and provide better coverage for HIPAA data as well.”

    The company also introduced two new detection parameters to give its largest Work customers better control over DLP policies, minimize false positives, and “take action commensurate with the level of perceived risk.” There is a count parameter and a confidence parameter. The former lets customers set up different DLP policies based on whether a message contains individual or bulk PII. The latter lets customers tighten or loosen detection criteria for the most commonly used detectors.

    Google has a data loss prevention whitepaper available here. You can also read this post, which looks at some of the company’s efforts throughout the past year. More comments from Eschelbeck here.

    Image via Wikimedia Commons

  • Gmail For Google Apps Unlimited Gets Data Loss Prevention

    Google just announced availability of Data Loss Prevention in Gmail for Google Apps Unlimited customers. The company plans to bring it to Google Drive in the coming year.

    “Workers are constantly creating and sharing new ideas, and keeping these ideas safe needs to be simple, quick and reliable,” says Suzanne Frey, Director, Security, Trust, and Privacy for Google Apps. “Google for Work already helps admins manage information security with encryption, audit reports, sharing controls, mobile management and two-factor authentication. But sometimes mistakes happen; for example, you might hit “Reply all” when meaning to send a private message. So today, if you’re a Google Apps Unlimited customer, Data Loss Prevention (DLP) for Gmail will add another layer of protection to prevent sensitive information from being revealed to those who shouldn’t have it.”

    “Organizations may have a policy that the Sales department should not share customer credit card information with vendors,” she adds. “And to keep information safe, admins can easily set up a DLP policy by selecting “Credit Card Numbers” from a library of predefined content detectors. Gmail DLP will automatically check all outgoing emails from the sales department and take action based on what the admin has specified: either quarantine the email for review, tell users to modify the information, or block the email from being sent and notify the sender. These checks don’t just apply to email text, but also to content inside common attachment types―such as documents, presentations, and spreadsheets. And admins can also create custom rules with keywords and regular expressions.”

    Google has a data loss prevention whitepaper available here. You can also read this post, which looks at some of the company’s efforts throughout the past year.

    Google will be discussing electronic crime, security, and privacy at the Enigma conference on January 25th.

    Images via Google