What is Cloud DLP And Why You Need It For Remote Work
Remote work is not going away. Depending on who you ask, experts believe 35% - 65% of the US workforce will continue to work remotely, permanently. Remote work was a trend that began well before the pandemic and will continue to be the preferred way to work for companies and employees alike.
However, many companies were unprepared for the speed at which remote work became the preferred office structure. The pandemic forced businesses to adopt new tools and processes virtually overnight. The rapid shift to remote work exposed companies to a variety of new security challenges that haven’t gone away.
The adoption of cloud programs
Remote work has facilitated the increased use of cloud platforms across industries. In one survey, 9 out of 10 companies reported accelerating their cloud adoption in response to the pandemic. And while many companies switched to cloud-based programs out of necessity, many are achieving better business results from making the shift.
A research paper by Wang Jin, a research fellow at the MIT Initiative on the Digital Economy, found that companies that transitioned to the cloud saw improved productivity, increased revenue, and were better positioned to take advantage of initiatives such as artificial intelligence and supporting a remote workforce.
Companies that “switch to the cloud” are primarily making two types of investments: in cloud computing and in specific cloud products, such as Amazon Web Service or Salesforce Service Cloud, for instance. Today, it’s estimated that the average company has 254 SaaS apps — and that’s not counting IaaS, PaaS, and other cloud services.
Unfortunately, on average, only 45% of company apps are being used on a regular basis. In addition, 56% of all apps are “shadow IT”, meaning applications owned and managed outside of IT. These programs create a big security risk for your company — a risk that makes the need for cloud DLP critical.
What is cloud DLP?
Cloud data loss prevention (DLP) is a set of tools and practices that keeps sensitive information at rest, in use, and in motion in cloud programs safe. Cloud DLP tools help organizations discover, classify, and protect their most sensitive data in SaaS, PaaS, and IaaS platforms.
These apps open your company to a huge amount of risk. Too often, companies provide access to vendors, partners, and contractors through apps no longer in use, creating an opportunity for theft or malware. Or employees seeking to make remote work easier implement cloud-based programs without the approval and oversight of an IT administrator, leading to a similar vulnerability.
This is where cloud DLP plays an integral role in protecting your company data. Cloud data loss prevention is specifically designed to protect data stored in the cloud. And some cloud DLP tools, like Nightfall, use AI to efficiently discover, classify, and protect data in the cloud by integrating directly with popular platforms – like Slack, Jira, and Google Drive at the API level.
Which cloud services can use DLP?
Most cloud services fall under one of four general categories:
- IaaS: Infrastructure as a service. These are cloud-based, pay-as-you-go for services such as storage, networking, and virtualization. Example: Many popular services in AWS like S3 or Redshift
- PaaS: Platform as a service. These are cloud-based services that provide customers with a platform to develop, run, and manage applications without the complexity of building and maintaining IaaS directly. A popular example includes Heroku.
- Serverless: These are programs that offer the benefit of building app functionality without needing to manage the servers and infrastructure continually.
- SaaS: Software as a service. These are software programs that are available via a third party over the internet, such as Slack and Confluence.
These services store structured and unstructured data. Structured data is quantitative data that is highly organized and easily decipherable by conventional methods like lookups, queries, or regular expressions (regex) — and is especially relevant in the context of relational databases like those built on SQL.
Unstructured data is that which is saved in a non-formatted, non-standardized structure. Such data is typically stored in non-relational or NoSQL databases such as MongoDB, which can be more difficult to query.
DLP can be applied to virtually any cloud service, whether it’s IaaS, PaaS, SaaS, or serverless. Some tools will scan both structured and unstructured data. However, as you vet different DLP programs, it’s important to research each vendor to understand how their software integrates with the cloud and whether it can be configured to work with your specific stack.
How is DLP integrated with the cloud?
Different tools have different methods of integrating with your cloud programs. Nightfall is one of the easiest DLP solutions to get up and running. Through APIs, Nightfall integrates deeply into SaaS applications, including Confluence, GitHub, Jira, Slack, Salesforce, Google Drive, and more. Additionally, the Nightfall Developer Platform provides a low-code solution for the integration of Nightfall into cloud infrastructure the platform doesn’t natively support. Take a look at our tutorials for examples of how this works.
The simplicity and flexibility of Nightfall make it an elegant, powerful solution for adding data security across popular cloud platforms. Our platform’s interface makes it easy to customize and configure detections for the data you wish to protect. Nightfall customers are typically up and running within a few minutes. For SaaS apps, there’s no additional configuration or setup required beyond installation — though developers also gain the ability to build their own integrations as needed.
Nightfall scans both structured and unstructured data, with the capability to parse text from 100+ file types, including customer chat logs, JSON objects, application logs, spreadsheets, PDFs, images, screenshots, and more.
Remote work requires the use of cloud programs: companies simply can’t function without easy file sharing, streamlined communication, and shared collaboration tools. However, there’s a right and a wrong way to integrate the cloud into your remote work environment. Cloud DLP is absolutely vital to protect your valuable information in apps like Slack, Google Drive, and Jira.
Learn more about securing your information while working remotely in our guide, “The Security Playbook for Remote-first Organizations.” To get started with Nightfall, schedule a demo at the link below.