More than 80% of organizations have had sensitive SaaS data exposed, according to Resmo’s “The State of SaaS Security” report. That’s more than three-quarters of all organizations with data vulnerability.
Your job as an MSP is, of course, to prevent breaches in the first place. But not far below that on the priority list is preventing data loss in the event of a breach.
With how quickly the cybersecurity world moves — and how creatively hackers evolve — it’s a matter of when, not if, your customers will experience a breach.
The difference between a catastrophic breach and a damage-free one? Robust data loss prevention (DLP) strategies.
Data loss is expensive, time-consuming and annoying. Not to mention, the reputational harm of letting loose something like a list of employee Social Security numbers.
But beyond that, data is the currency by which cybercriminals operate. Ransomware is on the rise (including even automated ransomware). If hackers can steal data from a business, they can hold it hostage until that organization writes them a fat check.
It’s estimated that by 2028, the global cost of cybercrimes will reach $13.82 trillion, according to Forbes.
You don’t want your customers contributing to that total.
So what’s an MSP to do in the face of all this cybercrime?
You need DLP tactics in place (yesterday, preferably, but today’s a good start too).
This is not only to prevent damaging data loss. But DLP strategies — and the technology to support them — can also be essential for compliance requirements.
DLP in healthcare can empower HIPAA compliance, for example. Other industries, like finance, might have specific data privacy regulations they have to fulfill.
1. Policies and practices
Sometimes, organizational data loss doesn’t come from someone being devious. It could have been an honest mistake.
That’s why having DLP rules in place for all of your customers’ end users is so critical. These status-quo practices should limit sharing of data outside the organization (either intentionally or accidentally).
MSPs should design DLP rules for things like:
2. Data categorization
Not all data is created equal. A Social Security number is a lot more valuable to a hacker than, say, the marketing team’s brainstorming document for a new tagline (although one’s probably more interesting to read).
An organization’s internal data can be divided into a few categories:
Certain file-sharing platforms, like Microsoft OneDrive, can use machine learning to scan files for sensitive info (like those Social Security numbers). If those files are shared outside the organization, the cloud platform will send an alert.
SaaS Alerts can play a vital role within an overall DLP strategy. It offers:
Rapid visibility: It’s up to you and your customers to design the tailored rules and settings that make sense for that business. But what SaaS Alerts can provide is continuous visibility when someone breaks one of those rules.
Just set up alerts (low, medium or critical) within the platform, based on the policies you’ve established. We’ll take it from there — and ring the alarm when it’s time to take action.
Account behavior monitoring: Even if an end user hasn’t broken a rule yet, SaaS Alerts’ monitoring tools helps you keep track of when they’ve started toeing the line.
Maybe someone has shared more documents than normal or is inching closer to an established file-download limit. You can use SaaS Alerts to track behavior — and shut an account down if it gets too suspicious.
Automated remediation tools: So a DLP rule gets broken. Now what? Several years ago, even if you did get an alert that something was wrong, you’d have had to manually fix the problem on your own.
Now, with SaaS Alerts, you can rely on automation to handle lower-level remediation. Just head into the Respond module and set up customized automated remediation actions based on specific indicators of compromise.
SaaS Alerts will automatically lock an account, shut down dangerous file sharing activity and more, based on those behaviors. That’s peace of mind.
These automated rules even helped one of our partners get back to his New Year’s Eve celebrations when he noticed an alert that a customer had been breached.
“By the time I saw it, SaaS Alerts blocked the sign-in, changed the password and mitigated the risk right away. It would have been a big deal if that automation wasn’t there.”
