Reasons to Choose Nightfall
Understand the reasons to choose Nightfall DLP.
Last updated
Was this helpful?
Understand the reasons to choose Nightfall DLP.
Last updated
Was this helpful?
Unlike traditional IT environments, cloud systems have no . Historically, security revolved around keeping intruders out and hardening systems explicitly owned by an organization. However, the entire point of cloud adoption is to enable data to be wherever it needs to in order to be useful. As such, data itself is best thought of as part of your organization’s attack surface — the more data you have, the bigger your data exposure risk.
1. The cost of exposures tends to be higher in the cloud
2. Security and IT teams are stretched thin
3. It’s very difficult to consistently enforce proper data policies in the cloud
One of the key problems organizations face regarding security and compliance is ensuring that employees are aware of best practices and verifying that they’re following these guidelines. Without sufficient visibility into cloud systems, this can be very difficult to do for the reasons we’ve highlighted above.
4. The cloud shared responsibility model requires it
Data is growing rapidly in the cloud and many organizations don’t have the best handle on the data proliferating within cloud silos. The end result is that basic policy violations have the potential to expose a massive amount of records. We discussed this very issue in an article. In that post, we revealed that just five cloud data leaks in 2020 exposed nearly 27 billion records. The data was derived from our 16 year breach report . In the report, we illustrated that misconfigurations in cloud systems, especially those like AWS S3 and Elasticsearch, can result in disproportionately higher numbers of exposures because of the volumes of data stored in these systems.
SaaS systems aren’t exempt from this risk either. Systems like GitHub can contain secrets that can be used and collaborative tools like Google Drive, Jira, and Confluence may have files that are due to permissions misconfigurations. The commonality with all cloud exposures is that they can go on indefinitely until an organization is notified by an altruistic third party, or until they acquire the tools that let them see any data exposures.
It’s no secret that the cybersecurity industry is currently undergoing and that, at the same time, the . This leaves security professionals in the hard spot of triaging risk, possibly leaving gaps in some organizations’ security programs. Having a solution that can intelligently automate security tasks and only alert on events that are critical.
The shared responsibility model, , requires organizations to understand their risks and have the ability needed to address them. Organizations should begin this work by identifying and mapping critical cloud security areas to processes and solutions that are relevant. Ty Sbano, Sisense’s Chief Security & Trust Officer, briefly illustrates how resources like could be used to help with this process in the segment below.