By Neeraj Nayak, Senior Manager, Product Marketing at CipherCloud
In today’s era, a cloud-first strategy has become the new norm. Providing competitive advantage with improved business agility at lower infrastructure and deployment costs. Cloud services are gaining significant inroads in the industry, with enterprises deploying multiple clouds to meet their business needs. But this has brought forth an interesting challenge – remote workers are collaborating freely in the multi-cloud environment without visibility or protection of traditional on-premises security. The sensitive data today may reside across multiple apps, databases and personal devices, and without proper visibility, enterprises run the risk of compliance failure, security vulnerabilities and data breaches. While enterprises keep adding more cloud services to maintain business continuity, it is of paramount importance that they first take a step back and get an assessment of archived or historical data that has been residing in their cloud for years. Only then can organizations answer the two most important questions; Are we compliant and who has access to our sensitive data?
What’s historical data? Let’s say you are using Salesforce for the past few years to store the CRM records of all your customers. Due to an uptick in the threat vectors in the cloud, you decided to upgrade the security posture of your Salesforce account and adopted a cloud data protection solution to encrypt all the confidential customer records in the cloud. Does that make your cloud environment secure, protecting your data from all future cloud breaches? The answer is a resounding NO. While you did an excellent job in identifying a data protection software to perform a real-time check on all the current and future data going into the cloud, what about the records that have been already residing in the cloud for the past few years? How are they protected? A quick scan of that historical data will reveal multiple vulnerability points and a lack of compliance with the latest data privacy laws. The Shared Responsibility Model for cloud security states that the end-user owns the data in the cloud, and that data needs to be managed and protected right from creation to deletion. So what is the first step towards enabling continuous data visibility and protection?
Cloud Data Discovery (CDD) allows organizations to discover and classify data already stored in leading SaaS applications. While the first versions of CASBs focused on the data going into the cloud, they lacked the visibility into the data that was already stored in the cloud. With Cloud Data Discovery, organizations can scan historical data across multiple cloud apps, right from field-level information in structured clouds, such as ServiceNow and Salesforce, and unstructured data, files in collaboration apps, such as Office 365, Slack and Box.
Fig. Results of Cloud Data Discovery Scan
With an increasing focus on data privacy and the introduction of laws such as GDPR and CCPA, securing data has been the front and center of every organization with a cloud-first strategy. Now, more than ever, you need to ensure that not only the current but also your historical data remains compliant with the latest data privacy and protection laws.
OR CALL 1-855-524-7437