Insights and Research

The Formula for Flawless Data Protection

Your data is under attack. That statement shouldn’t take anyone by surprise. But do you have the right data protection platform in place to keep your data safe? Judging by recent news reports and statistics, the answer is…no.

 

An ongoing problem

Reports of data breaches seem to make the news on a daily basis. While writing this blog, a report broke about a cyberattack on London’s Hackney Borough. While details of the attack are limited and an investigation by the UK National Cyber Security Centre has just begun, Philip Glanville, Mayor of Hackney, noted that, once the attack was discovered, one of his first priorities was “protecting data.”

Data is what cybercriminals are targeting. After all, data has become the currency for these bad actors. Once your data is in their hands, they can sell it on the dark web or hold it for ransom until you pay to get it back.

That’s why attacks persist. So much so that organizations today are more likely to get hit with an attack than in previous years. And these data breaches are more than an annoyance or an IT headache. They can be incredibly costly to organizations. A 2019 study from the Ponemon Institute, which surveyed 507 companies that had suffered a data breach, revealed that the average cost of a data breach to companies is $3.92 million globally.

And that doesn’t take into account other costs—specifically the broken trust of your customers and employees whose personal data winds up in the hands of cybercriminals. That could cause irreparable harm to your brand and business.  

So, for those who have been hit with a data breach, you are not alone. And, for those who haven’t been hit with a data breach, there's a good possibility that you will be.
 

A failed experiment

If they are being honest, IT and security professionals will tell you that protecting data used to be easier—back in the days when all data was housed in the data center and employees worked in the office.

However, as applications move to the cloud and employees are working from practically anywhere, legacy security procedures have proven inadequate. Security can no longer be static. It has to go where your employees go and where your data goes, especially when your employees drop off the corporate network, away from your security controls.

In response, organizations have looked to the cloud for help. But as in just about any industry, not all solutions are the same, with some promising more than they can deliver.
 

The right formula

When looking for a cloud security provider, organizations need to be wary of vendors that simply spin up virtual instances of their hardware-based systems. These systems suffer from the same problems as their terrestrial counterparts. Only a purpose-built cloud offering can provide the type of security your data, business, and employees need.

That offering needs to include enterprise-grade data security built on an inline data protection architecture that scales to enable organizations to inspect all SSL-encrypted traffic. This is critical because, at the beginning of October 2020, 95 percent of all traffic on Google was encrypted. If your system can’t inspect all SSL traffic, you are blind to the threats that could be hiding there.

To ensure strong data protection, organizations need to look for a cloud security platform that includes the following three essential elements:

  • A purpose-built SASE architecture.
  • The best context for better data classification.
  • A unified platform that protects all channels.

Let’s take a closer look at each of these.

A purpose-built SASE architecture: Organizations often use cloud access security broker (CASB) and data loss protection (DLP) tools as part of their data protection strategy. But for these solutions to perform at the highest level, they require full SSL inspection—something appliances just can’t deliver. A purpose-built SASE cloud platform is the first requirement to deliver high-performing, always-on secure connections no matter the user’s location. SASE unifies all CASB, DLP, and security services into a globally distributed cloud platform so you get less complexity, better data protection, and a fast user experience. 

The best context for better data classification: To properly classify the data you have, you need context, but it’s the quality of context that helps you make the best, most informed decisions. Today, your data moves across hundreds of channels—from cloud apps to public clouds to file-sharing platforms. And all the context you need in those channels is hiding inside SSL encryption. A data protection platform must have visibility into all SSL traffic, which provides organizations with a treasure trove of context.

A unified platform that protects all channels: Protecting your data from leakage and exfiltration requires security to be everywhere your data is. If you can’t control every channel, your data is vulnerable and exposed to potential threats. Also, if you can’t unify all CASB and DLP protections into one platform, you’ve made things way too complex. Without a single platform view, you end up with a disjointed policy, security gaps, and a greater propensity for costly configuration mistakes.

When these critical elements are part of a security platform built specifically for the cloud, you get data protection that meets the needs of today’s world. Your data is protected wherever it is and wherever your employees access it. And you won’t become another story that pops up on my news feed.

Want to learn more? Check out our latest report on flawless data protection.


Steve Grossenbacher is a director of product marketing at Zscaler.

Stay up to date with the latest digital transformation tips and news.

By clicking the submit button, you are agreeing to our privacy policy.