By Ishani Sircar, Manager, Product Marketing at CipherCloud
As technology evolved and the world migrated to the cloud, the amount of data in the cloud increased at a rapid pace, and most organizations in trying to keep pace overlooked security best practices. Organizations are sitting on tons of historical data in the cloud, with outdated security settings or policies. Negligence can lead to data leaks, compliance issues.
Solving the mystery of historical data
What’s historical data? It is the records that have been residing in the cloud for the past few years unprotected and unnoticed. In the growing cloud-mobile environment the stored sensitive data begin piling up, and without proper visibility, enterprises run the risk of compliance failure, security vulnerabilities, and data breaches. The longer a company leverages a SaaS the more data tends to accumulate in it. CipherCloud regularly speaks with organizations that have terabytes of data in the cloud; scanning this historical data can be quite an undertaking.
How can Cloud Data Discovery help?
CipherCloud’s Cloud Data Discovery (CDD) enables enterprises to perform historical scanning of all existing data within a cloud application to ensure compliance readiness. Through API integration, CDD scans the content, collaboration, and links across popular SaaS clouds. With CipherCloud CDD, users can perform a thorough audit of the data resident in the cloud to identify sensitive information related to PII, PHI, PCI, HIPAA, and enforce remediations to preserve data integrity and compliance.
With an increasing focus on data privacy and implementation of laws such as the CCPA, GDPR organizations are struggling to comply with a broader definition of consumers’ PII. Compliance requires knowing what kinds of sensitive data exist, and where they exist, in your sanctioned clouds. Failing to do so, can be a showstopper for most businesses.
What does Cloud Data Discovery solve for?
Use Case #1 – Identify all historical data in use to ensure compliance
SaaS apps are used by most organizations for daily operations. Seeing new threat vectors in the cloud-mobile environment, organizations adopt a data protection solution to encrypt data on the cloud. In this case, the historical data is never investigated. A quick scan of that historical data can reveal multiple vulnerability points and a lack of compliance with the latest data privacy laws. Furthermore, a blanket data encryption solution doesn’t account for the classification of sensitive and non-sensitive data. Not all data hosted across clouds is equally sensitive. Such a solution will not give visibility to identify information related to PII, PHI, PCI, HIPAA. That is why Cloud Data Discovery provides extensive filtering capabilities to target scans to specific folders or objects of high importance.
Use Case #2 – Preventing Inadvertent Public Shares
A very common problem in the cloud-mobile work environment is inadvertent public data shares. Almost daily there is a new report on an organization that has lost control of its data through innocuous means such as public sharing. Cloud Data Discovery can discover these open shares and immediately take action to remove them or limit data exposure with restricted sharing policies.
Use Case #3 – Visibility and Compliance with Periodic Scans
With terabytes of information created on SaaS clouds, organizations need to eliminate silos and have visibility into the entire journey of sensitive data moving across devices, users, and clouds. Lack of visibility can build attack surfaces and pose a huge security threat if ignored. Cloud Data Discovery provides a single pane in a glass view of the security and compliance snapshot of the cloud. Scans can be scheduled or manual. While a scan is running, CASB+ administrators can track the progress of the scan as well as pause the scan should the need arise. Each scan produces a detailed report that helps the organization understand the data that is stored in the cloud. These reports also include information about the data violations as well as the remediation action that was performed.
Watch this webinar to know more about gaining visibility and control of sensitive data in Box.