With remote working becoming commonplace, many organisations need an effective data protection strategy to support their expanding cloud infrastructure. But in working to mitigate risks and build robust processes, IT leaders face a range of challenges, and getting the priorities right is key to overcoming issues as varied as data leakage, compliance, and access control - all while maximising user experience.
So, where should they start? And what are the main data protection challenges that can threaten the integrity, management, and security of distributed data?
Challenge 1: Removing the risk of hidden data loss in encrypted traffic
When workers were in the office and connected directly to the company network, data and applications resided in central data centres, encrypted traffic was limited, and, as a result, on-premises solutions were sufficient.
However, with the move to the cloud, the use of the web, and the widespread adoption of remote working, encrypted traffic has shifted from the exception to the rule.
If current data protection solutions don’t identify and control sensitive data in encrypted traffic, they will miss the majority of sessions in which data exposure and misuse are a possibility, leaving the organisation vulnerable to data loss and breaches.
Solution: Stolen data is often disguised and sent uninspected through SSL, and, according to a recent Google Transparency report, 95% of traffic is encrypted and therefore not subject to inspection by traditional DLP solutions.
This is potentially disastrous: when traffic is only partially inspected, sensitive data passing through may be missed, leaving businesses vulnerable to data loss.
Consequently, organisations need cloud and web security solutions that can inspect every byte outside the network and beyond the scope of legacy technologies. With this approach, they can ensure that data within encrypted traffic is secure.
Challenge 2: Closing gaps between data protection services
With the move to the cloud, data is distributed across diverse SaaS, IaaS, web and on-premises environments.
Naturally, each of these needs effective data protection, with many organisations adopting a cloud access security broker (CASB) service to secure managed SaaS applications and IaaS platforms, while cloud security posture management (CSPM) is used to scan IaaS instances for misconfigurations.
In addition, secure web gateways are used to secure the web and unmanaged apps (shadow IT), while zero trust network access (ZTNA) can help ensure reliable, wide-ranging protection.
However, this complexity makes data protection uniformity and solution management challenging and can waste time and money while creating gaps in visibility and control across resources.
Solution: Unified protection, whereby a consistent level of security is provided to all interactions across ecosystems, can be achieved by adopting a comprehensive security platform built in and delivered through the cloud.
Today’s market-leading technologies can monitor data in transit and at rest within IT resources through capabilities like cloud DLP and ATP. Consistent security across all interactions is key.
Challenge 3: Avoiding poor user experience
With workers and the resources they access and use to do their jobs moving off premises, a major element of core infrastructure is now the internet itself.
One downside of this shift, however, is that it limits IT’s ability to anticipate, identify, and mitigate issues with its legacy security stack.
Additionally, when the majority of services, solutions or applications used by workers are out of the organisation’s control, it becomes more difficult to ensure employees have a good user experience and maintain productivity while data stays safe.
Solution: Many appliance-based security offerings require traffic to be backhauled to a central location, creating bottlenecks and causing latency, which directly impacts user experience and productivity.
A platform that embraces the concept of secure access service edge (SASE) puts data security as close as possible to the user, reducing latency and significantly improving user experience.
Challenge 4: Eliminating compliance violations across clouds
Failing to meet and maintain required industry regulations can result in significant fines and even loss of business.
With data distributed across SaaS, IaaS, the web and a myriad of devices with remote access to enterprise networks, visibility and remediation for compliance purposes are reduced, potentially putting your company at risk.
Solution: By enabling unified compliance visibility and control across entire IT ecosystems, a range of key compliance standards (PCI DSS, HIPAA, and GDPR, among others) can be met, minimising the risk of compliance violations in today’s complex environments.
By including these important considerations in data protection strategy planning and execution, organisations can build cloud-centric infrastructure with confidence. In doing so, they can minimise risk, embrace best practices, achieve compliance, and deliver a consistently strong user experience.