Symantec's Latest DLP Offering Aids GDPR Compliance
21.9.2017 securityweek Privacy
Symantec DLP 15 Helps Protect Sensitive Data in Managed and Unmanaged Environments and Aids in GDPR Compliance
In unpublished research, seen by SecurityWeek, 96% of U.S. CISO respondents agreed that "ensuring that our cloud applications adhere to compliance regulations is one of the most stressful aspects of my job."
The biggest compliance concerns all revolve around loss of control/visibility into the cloud. Twenty-six percent fear the inability to track activities in sanctioned cloud applications; 41% are concerned about employee use of unsanctioned cloud applications (when 24% of all enterprise cloud apps are unsanctioned); and 14% are concerned about the broad sharing of compliance-controlled data in cloud applications.
The research was commissioned by Symantec. Without specifying Europe's General Data Protection Regulation (GDPR), due to come into force next year, the responses are entirely relevant to growing concern over GDPR. Many of these concerns can be alleviated by adequate data loss prevention controls, provided they include loss prevention from the cloud.
In August 2017, Gartner predicted that data loss prevention (DLP) would see fairly dramatic growth over the next two years. "The EU General Data Protection Regulation (GDPR) has created renewed interest, and will drive 65 percent of data loss prevention buying decisions today through 18," it predicted.
Symantec this week announced a new version of its own DLP product -- version 15. It focuses on helping customers achieve and maintain GDPR compliance. "The upcoming General Data Protection Regulation (GDPR) introduces new obligations for organizations and the information they handle, and comes with increased penalties and heightened scrutiny for compliance," it announced. "Analysts believe that visibility and protection, which can follow data, will become the new imperative."
Two features are key to this: it protects sensitive data in managed and unmanaged environments, and it helps to ensure that sensitive data doesn't get leaked through unsanctioned cloud applications. It does this by maintaining visibility into the cloud and by protecting the data that is stored in the cloud.
It achieves this by integrating DLP and CASB products. "DLP v15 integrates with our CASB (CloudSOC)," said Sri Sundaralingam, head of product marketing for enterprise security products, "where a single set of data protection policies on our DLP system is automatically mapped to CASB to provide visibility into 3rd party cloud apps. We support 100+ SaaS applications (including Office 365, Salesforce, Box, Dropbox, and many other popular 3rd party cloud apps). Note that in addition to visibility, all reporting and incident management is done via a single console (DLP) as well."
Visibility is defined as understanding where your data resides; and it applies to both cloud and on-premise servers. "This is the most important aspect of data protection -- is having visibility to all the content that has data you want to protect (sensitive and regulated data)," he continued.
In GDPR terms, the Equifax breach demonstrates the danger of lost visibility. 400,000 UK citizens had personal data compromised. "This was due to a process failure, corrected in 2016, which led to a limited amount of UK data being stored in the US between 2011 and 2016," said Equifax UK. In short, Equifax, both in the UK and in the US, lost visibility into 400,000 UK records. Had GDPR already been in force, Equifax could add European sanctions to the US sanctions it already faces.
"This is where a system like DLP helps," Sundaralingam told SecurityWeek. "A DLP system’s core capabilities to scan all communication channels (email, web, cloud applications) as well as data storage locations (desktop/laptops, storage servers, USB) using advanced technology like machine learning (ML) and looking for specific patterns to discover sensitive/regulated data is critical. In DLP v15, Symantec has now also added user-driven tagging where end-users themselves can identify sensitive/regulated data and the system will learn from that as well. Without automation and advanced capabilities like ML it is difficult to manually identify where sensitive/regulated data is stored."