Reco.ai<\/a> says it’s time to look beyond the veil of DLP and take a better approach to data security.<\/b><\/em><\/p>\n![\"Expert](\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2023\/01\/Expert-100x100-1.png\")
The mass adoption of SaaS applications at a relatively quick speed has ushered in new ways of working in far more efficient and collaborative ways. But too often, these tools weren\u2019t built with security in mind. Now, employees are sharing information across them, but seldom does the organization \u2013 and specifically, the security team \u2013 even know what information is being sent across these tools. And in this case, what you don\u2019t know can hurt you.<\/p>\n
In the era where everything was on-prem, on physical servers, protecting the data on those servers was paramount. However, with SaaS, things have progressed so quickly that organizations and IT teams haven\u2019t always been able to keep up with the strategy needed for protecting the data in these apps. Not knowing and not having visibility into sensitive SaaS data carries inherent risks \u2013 reputational, regulatory, financial, security \u2013 which are often \u201coverlooked\u201d as it isn\u2019t a \u201ccurrent problem.\u201d In other words, many are concerned, but since it hasn\u2019t been specifically targeted or exploited yet, they choose to have written rules in place but kick the can down the road when it comes to actually addressing the problem. This is a perfect recipe for a dangerous incident just waiting to happen.<\/p>\n
Organizations need a new approach that goes beyond legacy tools like data loss prevention (DLP) and provides more context. This will help IT teams get a handle on who is sharing what, where and when, and how to put the right security focus on the most sensitive information.<\/p>\n
Widget not in any sidebars
<\/p>\n
Where Legacy Tools Fall Short<\/strong><\/h3>\nIn the on-prem days, every organization had their servers, and they had software and applications to protect the data, encrypt it and restrict access to that data. And in most cases, those tools worked pretty well. But the infrastructure underneath these tools and environments has largely shifted to SaaS. And the ability to maintain control over the data being shared, and the notion of perimeter security, has gone out the window.<\/p>\n
Most legacy security tools were structured and fitted for the on-premises world. Older DLP tools, for instance, were meant for those use cases \u2013 and they were using pretty basic classifiers for the data that was created on those servers. An example would be \u201cIf the file has extension Y, allow the movement of this data.\u201d Or \u201cThis file is highly restricted confidential because it\u2019s got customer data.\u201d This all worked fairly well when that was the only thing you could be concerned with, but when everyone shifted to SaaS, those black-and-white abilities for those tools to apply their static logic on their data ended up \u201cbreaking\u201d as the DLP tools cannot accommodate unstructured data sets. Data teams or security teams have basically lost the ability to have the necessary visibility into the sensitive data within all of the different SaaS platforms used.<\/p>\n
In a SaaS environment, legacy tools overwhelm security teams with false positives. The tools can\u2019t keep up, and they prevent businesses from running smoothly and efficiently. It\u2019s no longer a black-and-white situation. Organizations need a way to be confident about what data is sensitive so they can apply context to stop data loss based on the users and data involved, all while enabling normal businesses to function.<\/p>\n
New Use Cases Require a New Approach<\/strong><\/h3>\nTo assess the risk that\u2019s associated with all the data traversing your SaaS applications, you need the ability to discover it in an unstructured \u201cworld map\u201d and classify it. In a SaaS world, you need additional context to ascertain the real level of sensitivity of a given file or data set. You need to be able to determine who is sharing the information, which will help ascertain how sensitive it is or isn\u2019t.<\/p>\n
This is fundamental to any data security program; otherwise, everything that follows will be false. But organizations tend to avoid it because it can seem daunting and overly time-consuming. Most organizations know they have a blind spot when it comes to visibility and what data is going where, but they don\u2019t have the resources or time to go through all of the SaaS applications or Google folders to determine what is and isn\u2019t sensitive. It\u2019s a manual that requires everyone across departments to participate \u2013 unless there is an automated way to address it.<\/p>\n
Taking Action and Mitigating Risk <\/strong><\/h3>\nSo, what if this could be done in an automated fashion? What if you could develop additional levels of classification based on context? There are new solutions being introduced to the market that are trying to tackle this challenge. It is considerably simpler to lower the risk level when there is a means to automatically assess the interactions between both people and the data they are accessing. Even better would be having a mechanism to deliver true alerts whenever potentially sensitive material is exchanged.<\/p>\n
Organizations need a solution that can automatically map the data continuously using business-based analytics. It would then estimate the risk level associated with accessing, deleting, sending or sharing sensitive data. Instead of relying solely on one attribute, today\u2019s new solutions use analytics to cross-reference the data with the users interacting with it. This enables your teams to accurately determine the level of risk, and if necessary, you can work toward lowering risk. You want to be certain that an action is necessary rather than just stopping legitimate business in its tracks. In cases when corrective action is required, your teams can change who can access the data, store it more securely or enforce configuration settings.<\/p>\n
It’s Time for a Change<\/strong><\/h3>\nOrganizations have increased their use of SaaS apps by at least 44 percent since the pandemic began. The data security threat of using these apps is real, but legacy security solutions aren\u2019t equipped to deal with the threat. It\u2019s time to look for solutions that offer better control and visibility over all the information being shared within SaaS apps \u2013 without slowing business down.<\/p>\n
Widget not in any sidebars
<\/p>\n","protected":false},"excerpt":{"rendered":"
Solutions Review\u2019s Expert Insights Series is a collection of contributed articles written by industry experts in enterprise software categories. Red Curry of Reco.ai says it’s time to look beyond the veil of DLP and take a better approach to data security. The mass adoption of SaaS applications at a relatively quick speed has ushered in […]<\/p>\n","protected":false},"author":671,"featured_media":4515,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[551,1],"tags":[],"acf":[],"yoast_head":"\n
Going Beyond DLP: A Better Approach to Data Security<\/title>\n<meta name=\"description\" content=\"Red Curry of Reco.ai says it's time to look beyond the veil of DLP and take a better approach to data security.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/security-information-event-management\/going-beyond-dlp-a-better-approach-to-data-security\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Going Beyond DLP: A Better Approach to Data Security\" \/>\n<meta property=\"og:description\" content=\"Red Curry of Reco.ai says it's time to look beyond the veil of DLP and take a better approach to data security.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/going-beyond-dlp-a-better-approach-to-data-security\/\" \/>\n<meta property=\"og:site_name\" content=\"Best Information Security SIEM Tools, Software, Solutions & Vendors\" \/>\n<meta property=\"article:published_time\" content=\"2023-05-19T19:51:37+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-05-19T19:53:53+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2023\/05\/Going-Beyond-DLP-A-Better-Approach-to-Data-Security.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Red Curry\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Red Curry\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/going-beyond-dlp-a-better-approach-to-data-security\/\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/going-beyond-dlp-a-better-approach-to-data-security\/\",\"name\":\"Going Beyond DLP: A Better Approach to Data Security\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/going-beyond-dlp-a-better-approach-to-data-security\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/going-beyond-dlp-a-better-approach-to-data-security\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2023\/05\/Going-Beyond-DLP-A-Better-Approach-to-Data-Security.jpg\",\"datePublished\":\"2023-05-19T19:51:37+00:00\",\"dateModified\":\"2023-05-19T19:53:53+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/b8c10233afaee741fc8eb731576ad2db\"},\"description\":\"Red Curry of Reco.ai says it's time to look beyond the veil of DLP and take a better approach to data security.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/going-beyond-dlp-a-better-approach-to-data-security\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/security-information-event-management\/going-beyond-dlp-a-better-approach-to-data-security\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/going-beyond-dlp-a-better-approach-to-data-security\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2023\/05\/Going-Beyond-DLP-A-Better-Approach-to-Data-Security.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2023\/05\/Going-Beyond-DLP-A-Better-Approach-to-Data-Security.jpg\",\"width\":800,\"height\":400,\"caption\":\"DLP\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/going-beyond-dlp-a-better-approach-to-data-security\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Going Beyond DLP: A Better Approach to Data Security\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\",\"name\":\"Best Information Security SIEM Tools, Software, Solutions & Vendors\",\"description\":\"Buyer's Guide and Best Practices\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/b8c10233afaee741fc8eb731576ad2db\",\"name\":\"Red Curry\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d0a5d224cecd30deb245cf79ea28d990?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d0a5d224cecd30deb245cf79ea28d990?s=96&d=mm&r=g\",\"caption\":\"Red Curry\"},\"description\":\"Red Curry is a Boston-based CMO, creative director, graphic designer, and master storyteller with over 15 years of experience leading creative and strategic teams for companies such as RSA\/EMC, Mettler Toledo, and SSH Communications Security. In addition to his expertise in design, Red has established himself as a thought leader in the cybersecurity industry, with over 15 years of experience working to protect sensitive data and combat cyber threats. Red's work spans across various industries, including manufacturing, retail, and cybersecurity. Red's philosophy is to use a balance of mediums to tell stories that showcase a company's unique qualities and inspire action. Red is passionate about generating ideas that build brand recognition and help companies stand out in today's competitive landscape.\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/author\/rcurry\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Going Beyond DLP: A Better Approach to Data Security","description":"Red Curry of Reco.ai says it's time to look beyond the veil of DLP and take a better approach to data security.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/security-information-event-management\/going-beyond-dlp-a-better-approach-to-data-security\/","og_locale":"en_US","og_type":"article","og_title":"Going Beyond DLP: A Better Approach to Data Security","og_description":"Red Curry of Reco.ai says it's time to look beyond the veil of DLP and take a better approach to data security.","og_url":"https:\/\/solutionsreview.com\/security-information-event-management\/going-beyond-dlp-a-better-approach-to-data-security\/","og_site_name":"Best Information Security SIEM Tools, Software, Solutions & Vendors","article_published_time":"2023-05-19T19:51:37+00:00","article_modified_time":"2023-05-19T19:53:53+00:00","og_image":[{"width":800,"height":400,"url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2023\/05\/Going-Beyond-DLP-A-Better-Approach-to-Data-Security.jpg","type":"image\/jpeg"}],"author":"Red Curry","twitter_misc":{"Written by":"Red Curry","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/going-beyond-dlp-a-better-approach-to-data-security\/","url":"https:\/\/solutionsreview.com\/security-information-event-management\/going-beyond-dlp-a-better-approach-to-data-security\/","name":"Going Beyond DLP: A Better Approach to Data Security","isPartOf":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/going-beyond-dlp-a-better-approach-to-data-security\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/going-beyond-dlp-a-better-approach-to-data-security\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2023\/05\/Going-Beyond-DLP-A-Better-Approach-to-Data-Security.jpg","datePublished":"2023-05-19T19:51:37+00:00","dateModified":"2023-05-19T19:53:53+00:00","author":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/b8c10233afaee741fc8eb731576ad2db"},"description":"Red Curry of Reco.ai says it's time to look beyond the veil of DLP and take a better approach to data security.","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/going-beyond-dlp-a-better-approach-to-data-security\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/security-information-event-management\/going-beyond-dlp-a-better-approach-to-data-security\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/going-beyond-dlp-a-better-approach-to-data-security\/#primaryimage","url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2023\/05\/Going-Beyond-DLP-A-Better-Approach-to-Data-Security.jpg","contentUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2023\/05\/Going-Beyond-DLP-A-Better-Approach-to-Data-Security.jpg","width":800,"height":400,"caption":"DLP"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/going-beyond-dlp-a-better-approach-to-data-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/security-information-event-management\/"},{"@type":"ListItem","position":2,"name":"Going Beyond DLP: A Better Approach to Data Security"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website","url":"https:\/\/solutionsreview.com\/security-information-event-management\/","name":"Best Information Security SIEM Tools, Software, Solutions & Vendors","description":"Buyer's Guide and Best Practices","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/b8c10233afaee741fc8eb731576ad2db","name":"Red Curry","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d0a5d224cecd30deb245cf79ea28d990?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d0a5d224cecd30deb245cf79ea28d990?s=96&d=mm&r=g","caption":"Red Curry"},"description":"Red Curry is a Boston-based CMO, creative director, graphic designer, and master storyteller with over 15 years of experience leading creative and strategic teams for companies such as RSA\/EMC, Mettler Toledo, and SSH Communications Security. In addition to his expertise in design, Red has established himself as a thought leader in the cybersecurity industry, with over 15 years of experience working to protect sensitive data and combat cyber threats. Red's work spans across various industries, including manufacturing, retail, and cybersecurity. Red's philosophy is to use a balance of mediums to tell stories that showcase a company's unique qualities and inspire action. Red is passionate about generating ideas that build brand recognition and help companies stand out in today's competitive landscape.","url":"https:\/\/solutionsreview.com\/security-information-event-management\/author\/rcurry\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/4514"}],"collection":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/users\/671"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/comments?post=4514"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/4514\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media\/4515"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media?parent=4514"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/categories?post=4514"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/tags?post=4514"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
![\"DLP\"](\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2023\/05\/Going-Beyond-DLP-A-Better-Approach-to-Data-Security.jpg\")
<\/p>\n