IT security is entering a new phase. According to a recent APWG phishing trends report, in the first quarter of 2019, phishing of SaaS and webmail services surpassed payment services. This is an important inflection point for the new industry when one must take stock of the emerging threats.
According to Verizon’s 2019 data breach investigations report, 34% of breaches involved internal actors. Finally, based on a data privacy survey by egress, The five most common technologies that have led to accidental data breaches by employees are:
- Email services like Gmail and Yahoo (51 percent)
- Corporate email (46 percent)
- File sharing services like FTP sites (40 percent)
- Collaboration tools such as Slack and Dropbox (38 percent)
- SMS/Messaging Apps like G-Chat and WhatsApp (35 percent)
IT leaders need to ask: "Is the new technology making it easier to leak sensitive information?" and "do I have the correct framework to deal with the data leak prevention?"
How do IT leaders approach the problem?
One way is to do what Microsoft did which according to a recent news is to ban slack and any applications that are deemed as less secure.
Another approach is to use the paradigm of defense in depth. Like the marketing 4Ps, we can think of DLP’s 4Ps as: Protect the data, protect the communication channel, protect the network and protect the infrastructure. In a SaaS world, one needs to focus on 2 P’s, protect the data and protect the communication channel, while the cloud provider takes care of the other two. Protecting the data starts with identification and classification of the data. Once data is classified and tagged then the next step is to block the data from leaking through the communication channels. Easier said than done. This is where Gamma can help.
Gamma’s Email Security uses machine learning & AI to automatically scan emails and attachments. It protects your email across Gmail, Office 365, Slack, and other SaaS applications. Gamma’s customizable email security warns users, notifies administrators and a lot more.
