The Cloud Makes Everything Easy — Including Data Exfiltration

As organizations have transitioned to the cloud, lots of tasks have gotten simpler. Employees can seamlessly work from anywhere or collaborate with anyone, whether it’s their own colleagues or third parties. But even though cloud applications have made it easier for workers to stay productive, it’s also become easier to lose track of what’s happening with your corporate data.

Without a defined perimeter, sensitive corporate data is now exposed to risks that never existed before. Cloud misconfigurations have quickly become the leading cause of breaches, and because cloud apps enable employees to work from anywhere on any device, there are also more opportunities for your workers to quickly share sensitive information.

Whether it’s through accidental leakage or malicious exfiltration, cloud apps put your data in a vulnerable position. To combat these new risks, you need a modern security solution that’s equipped to deal with cloud-based threats.

Do You Know How Your Data Is Being Used?

The adoption of cloud apps means that the perimeter as we knew it no longer exists. Instead of being contained on premises, your sensitive data is now spread across hundreds or thousands of apps, users, and endpoints.

Legacy tools don’t have visibility into all those entities, which means it’s difficult to understand how data is being used -- or who is accessing it. Traditional, application-based tools rely on static, point-in-time authentication, using the notion that if someone had the right password and confirmed their identity, they were deemed safe to access the organization’s systems.

But without the security of a firm perimeter, when you rely on tools that grant simple allow-deny access, what you're really doing is giving users a blank check. If a bad actor uses compromised credentials to get into the system and maliciously exfiltrate data -- or even if an employee accidentally shared sensitive data to a personal account -- your security team would have no way of knowing.

To counter the risks introduced by the cloud, many organizations have responded by adding new security products to address specific problems, and in 2022, large enterprises reported having an average of 76 security products deployed. But having dozens of security products deployed doesn’t make your organization safer from cloud-based risks.

Instead, it creates silos within your organization. IT and security teams have to manage each tool separately, making it difficult to get a holistic sense of how your sensitive data is being handled and nearly impossible to enforce consistent policies.

Data Protection Starts With Visibility

As the digital landscape changes, you need to shift your approach to data security with it. To keep your organization’s data protected in the cloud, you can’t rely on a litany of disconnected, on-premises legacy security tools. Instead, you need a cloud-native solution that gives you continuous insight into what’s happening with your data.

A security services edge (SSE) solution isn’t bound by arbitrary boundaries like a traditional perimeter, and instead gives continuous insight into your users, endpoints, apps, and data, giving you the context and visibility you need to protect against data exfiltration.

Capabilities like user and entity behavior analytics (UEBA) are a major piece of the puzzle. By constantly monitoring the behavior of users instead of relying on binary allow-deny access, you’ll have a better understanding of how people are using and interacting with your data. With UEBA, you’re able to identify anomalous behavior and limit access accordingly so that you can prevent data exfiltration before it happens.

But security doesn’t stop at access. You also need cloud-delivered data protection capabilities as part of your security solutions, including data loss prevention (DLP) and enterprise digital rights management (EDRM). With built-in data protection, you’ll be able to identify your organization’s sensitive data and enforce policies to limit access, like masking and redacting sensitive information or encrypting sensitive documents. This way no matter where your data goes, it’s automatically protected.

Sundaram Lakshmanan is the Chief Technology Officer at Lookout. He brings over 20+ years of network and security product development experience and has a successful track record of delivering innovative first-to-market and market-leading security products, as well as leading the global engineering team. Prior to Lookout he was the founder and CEO/CTO of Anicut Systems, a Distinguished Engineer at Juniper Networks, and held senior positions at Blue Coat (now Symantec).