Symantec has announced a data loss prevention (DLP) solution in the cloud. The announcement was made in a blog co-authored by Deena Thomchick, Senior Director of Product Management Symantec and Linda Park, Sr. Product Marketing Manager, Data Loss Prevention. Thomchick previously worked for Blue Coat whose acquisition in August by Symantec kick started this initiative.
DLP, a concern for corporates
Data loss prevention is a concern for many businesses. There are several ways to exfiltrate data from companies. One way is the Internet. With more and more corporate data stored in the cloud though, it is now possible to stop the exfiltration at source before it reaches end user devices.
Thomchick writes that the new solution prevents data loss from cloud apps such as Office365 and Salesforce. Citing research from a Blue Coat report, Thomchick revealed that 23% of files in cloud apps are shared and 12% contain sensitive or data that risks compliance breaches. This sharing can be accidental, but any data loss risks penalties. In February alone the FCC assigned nearly $36 million in fines for PII violations.
With the General Data Protection Regulation (GDPR) coming into force next year, the definition of PII is going to be substantially extended. The European Court of Justice has confirmed IP addresses should be treated as PII. This extension of PII data means that companies will need to tune their data loss prevention systems over the next few months.
Blue Coat and Symantec solution
Symantec has combined the Symantec DLP with Symantec CloudSOC CASB (Cloud Access Security Broker). Symantec DLP cloud is capable of discovering sensitive data within more than 60 cloud apps. These include Office 365, Box, Dropbox, Google Apps, or Salesforce via the integration with CloudSOC. The advantage of running the DLP solution in the cloud is that the data no longer needs to traverse the network link back to the data centre. This reduces the overhead of companies on those connections and potentially removes one element of risk as well. A single interface manages the whole solution and companies can apply their existing DLP policies and rules within the solution.
Symantec CloudSOC provides full CASB visibility and control of user activity in cloud applications. It uses behavioural analytics to identify and, if required, block malicious activity within cloud apps. Incidents are reported through a simple dashboard for security teams to investigate later. This helps them quickly identify potential privacy and data breaches as well as issues with compliance.
There is now support for the detection of shadow IT. This would include the use of file sharing portals that end users might select. Sometimes this use may be to deliver specific projects with clients. This is where companies need to decide on what policies and rules to follow once issues such as these are detected.
The integration of the Blue Coat solution by Symantec so quickly is impressive. Blue Coat were well respected in the industry. Symantec needed to leverage their technology quickly to show that the product lines would not cease. By integrating their products, it shows the company is more relevant to corporates as they look to deploy cloud solutions.
This solution in particular, will appeal to many who are looking to move nearly all their data into the cloud. It provides a means that previously was expensive using on premises solutions. While there is no road map for the solution, hopefully Symantec will soon announce what this product will deliver next.