Exact data match (EDM) is an advanced data loss prevention (DLP) technique that finds specific data values that are important to the organization and need to be protected rather than finding general data patterns or formats only. For example, an organization can detect the exact match of a customer credit card number, rather than detecting only the pattern, to enhance detection accuracy and reduce false positives.
Data loss prevention (DLP) is a set of technologies and processes that monitor and inspect data on a corporate network to prevent exfiltration of critical data as a result of cyberattacks, such as phishing or malicious insider threats. Sensitive data such as personally identifiable information (PII), protected health information (PHI), credit card numbers, and intellectual property is an organization’s lifeblood, so it's critical to implement strong data security.
Cloud data protection is a set of data storage and security measures designed to protect data residing in, and moving in and out of, a cloud environment. Stored data is known as “data at rest,” and moving data as “data in motion.” Data protection refers to data being copied, rather than straightforwardly “secured”—it’s meant to ensure sensitive data is still intact after a loss or corruption event, whereas data security keeps it safe from unauthorized access or distribution in the first place.
Data security is a term for all the security solutions that help organizations protect their sensitive data from security risks such as data breaches, phishing, ransomware attacks, and insider threats. As a general rule, data security also draws on compliance requirements such as HIPAA and GDPR to simultaneously ensure data privacy.
Workload protection is the aggregate of cloud security controls and protocols that secure workload communications between environments. Interrelated to cloud workload security, workload protection mitigates vulnerabilities caused by inherent security risks such as misconfigurations. It’s also a key element of cloud security posture management (CSPM).
Malware is malicious software designed to invade a computer system and take hostile action—such as stealing or encrypting sensitive information, taking over system functions, or spreading to other devices—most often for profit. There are many types of malware, including ransomware, spyware, adware, trojan horses, and more, helping make it one of the most common kinds of cyberattacks. Malware will often implant itself via an email attachment or as a fake advertisement on a web browser.
SSL decryption is the process of unscrambling encrypted traffic to check it for cyberthreats as part of a full SSL inspection procedure. It’s a vital network security capability for modern organizations since the overwhelming majority of web traffic is now encrypted, and some cybersecurity analysts estimate more than 90% of malware may now hide in encrypted channels.
A shared responsibility model is a cloud security and risk framework that delineates which cybersecurity processes and responsibilities lie with a cloud service provider (CSP) and which lie with the customer. With more IT architectures moving to the cloud, a shared responsibility model promotes tighter security and establishes accountability as it relates to the security of the cloud.
SSL inspection is the process of intercepting and reviewing SSL-encrypted internet communication between the client and the server. The inspection of SSL traffic has become critically important as the vast majority of internet traffic is SSL encrypted, including malicious content.
Shadow IT is a term for SaaS applications employees access and use without the knowledge or permission of their information technology departments. Such applications aren’t inherently flawed or dangerous—“shadow IT” simply means an app is being used without IT’s explicit approval or oversight, which increases risk for an organization.
A reverse proxy is a server, app, or cloud service that sits in front of one or more web servers to intercept and inspect incoming client requests before forwarding them to the web server and subsequently returning the server’s response to the client. This supports security, scalability, and performance for websites, cloud services, and content delivery networks (CDNs). A reverse proxy offered as a cloud service is one of the deployment modes of a cloud access security broker (CASB).
The Purdue model is a structural model for industrial control system (ICS) security that concerns segmentation of physical processes, sensors, supervisory controls, operations, and logistics. Long regarded as a key framework for ICS network segmentation to protect operational technology (OT) from malware and other attacks, the model persists alongside the rise of edge computing and direct-to-cloud connectivity.