Artificial Intelligence in DLP and how not to be fooled

Data management and security practices are changing rapidly as data is now fully distributed and hosted in the cloud. Every organisation uses hundreds of software-as-a-service (SaaS) applications, many of which are not approved by the company.

SaaS applications allow users to access them from anywhere at any time, improving productivity and collaboration, so ‘shadow IT’ has become one of the biggest headaches for corporate IT. Distributed data poses the challenge of preventing data loss.

While cloud technology has enabled enterprises to not lose a second during and after the pandemic, this shift creates a new IT challenge of managing fully distributed data that is no longer local.

Data everywhere

The traditional ‘hub and beam’ security model is not enough to protect data in the cloud. Every organisation should think about implementing modern data loss prevention (DLP) methods.

This is how ZKast was held with Moynul Khan, Vice President, Product Management, Zscaler. The event discussed the importance of data protection in the cloud. Khan explained why DLP should not be a long and time-consuming process, taking up the time and resources of the security team.

Useful excerpts from the interview

Zscaler is a pioneer in using the cloud for security. He now uses the cloud to protect data. Zscaler believes that platform strategy is key when data protection, Secure Web Gateway (SWG), Cloud Access Security Brokers (CASB) and Zero Trust Network Access (ZTNA) are integrated into one platform. All of these elements come together in the Security Service Edge (SSE) concept introduced by Gartner in 2021.

SSE protects access to the internet, cloud services and private applications. Conceptually, Zscaler has used SSE from the beginning with its Zero Trust Exchange cloud platform, which securely connects users, applications and devices across any network. Zscaler later raised the bar on application monitoring with Zscaler Digital Exchange (ZDX), a subscription-based service provided on the Zero Trust Exchange platform. ZDX focuses on both improving user interaction and ensuring robust security by identifying various bottlenecks.

These two go hand in hand. If the user experience suffers because of security, end users will be dissatisfied. In the cloud era, organisations must have strong security that focuses on external and internal threats, as well as accidental data loss.

Internal threats are a big challenge for organisations. They can come from anywhere, such as when employees leave the company and take sensitive data with them. Zscaler differs from other vendors in this area because it does not simply provide an overlay proxy like traditional DLP. The traditional DLP approach is ineffective at verifying structured and unstructured data. It requires constant policy adjustments, constant management of large groups, and high overhead. This is why Zscaler focuses on contextual DLP and different types of files leaving the room.