We’ve put together an ebook of considerations when choosing a cloud DLP vendor to protect sensitive data in the various cloud services that your employees use. We’ll go over the third consideration in this blog post.
The Netskope Cloud Report shows increasing use of public cloud infrastructure (IaaS/PaaS) and with that use the risks for exposing sensitive data due to misconfigurations rises. Compounding that is the fact that many organizations have adopted a multi-cloud approach – meaning at a single organization Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure could all be deployed in conjunction with each other.
Question 3: What do you offer for data protection in public clouds or IaaS/PaaS?
Use of IaaS solutions like AWS, GCP, Microsoft Azure, and more are exploding as devops teams are creating applications and resources to support strategic goals. Many of the applications deployed on IaaS access and use sensitive data – meaning the data should be visible to IT and secured.
What to look for: Look for a cloud security solution that allows for DLP policies to be set across resources like Amazon S3 buckets or Microsoft Azure Blob storage both in real time (with activities like uploads and downloads) and in data already residing in those datastores.
Test for it: Test for it by setting a policy to restrict upload of sensitive content to an S3 bucket to only a set AD group for compliance and auditing.
For the full ebook, go here.