.jpg)
Les applications SaaS telles que Microsoft 365, Google Workspace et Salesforce sont désormais omniprésentes dans les entreprises. Avec une telle quantité de données d'entreprise résidant dans le cloud, une approche de la sécurité basée sur le périmètre n'est pas suffisante.
Pour mettre en œuvre des politiques de protection des données dans le cloud à travers les applications SaaS, le recours à un CASB (Cloud Access Security Broker) est devenu une nécessité.
Ce blog définit la protection des données dans le cloud et présente cinq organisations qui se sont tournées vers la solution CASB de Lookout, Lookout Secure Cloud Access, pour protéger leurs données dans les applications cloud. Bien que chacune de ces organisations ait suivi un chemin différent vers la transformation numérique, Lookout leur a permis de mettre en œuvre un système de sécurité des applications en cloud qui répond à leurs besoins uniques.
Qu'est-ce que la protection des données dans le cloud ?
Alors que les entreprises continuent d'adopter les services en cloud pour stocker et gérer leurs données, elles doivent également prendre des mesures pour atténuer les risques qui accompagnent les applications en cloud. Des problèmes tels que le partage accidentel de données, la fuite de données provenant des e-mails, les menaces internes, etc. sont devenus monnaie courante à l'ère du cloud, ce qui signifie qu'il est essentiel d'avoir un plan pour protéger vos données.
Un CASB est l'un des meilleurs moyens de protéger les données dans le cloud - il s'agit essentiellement d'une solution de prévention des pertes de données (DLP) qui fonctionne dans le cloud.
Lisez la suite pour savoir comment cinq entreprises ont testé la solution CASB de Lookout pour relever des défis concrets en matière de protection des données.
1. Une entreprise de construction partage ses données avec ses partenaires en toute sécurité
Les applications cloud sont devenues la méthode de référence pour partager des informations avec des tiers, mais elles offrent également une visibilité limitée sur ce qu'il advient des données sensibles une fois qu'elles ont été partagées. Parce que la collaboration est essentielle pour les entreprises de construction, qui s'appuient sur un vaste réseau d'employés, d'entrepreneurs et de fournisseurs pour faire avancer leurs projets, l'un des plus grands entrepreneurs commerciaux et civils des États-Unis s'est tourné vers Lookout pour aider ses employés à partager des documents contenant des informations sensibles avec des partenaires externes.
L'entreprise utilisait Box, Google Drive et Salesforce, et s'est rendu compte que ces applications cloud avaient des contrôles de sécurité limités en ce qui concerne le partage avec les tiers. Avec l'aide de Lookout, ils espéraient.. :
- Protéger les documents sensibles téléchargés sur des appareils non gérés
- Découvrir l'utilisation d'applications non approuvées, et se protéger contre les virus et les logiciels malveillants qui pourraient infecter les fichiers téléchargés par des tiers.
- Détecter les logiciels malveillants susceptibles d'infecter les fichiers téléchargés dans le cloud
They implemented Lookout Secure Cloud Access in an API-based deployment. By operating between user devices and cloud apps, the Lookout CASB solution serves as a critical tool for visibility and policy enforcement. And with native DLP and enterprise digital rights management (EDRM), the firm can take a granular approach to data protection and ensure that third parties can securely collaborate using cloud services.
A common set of DLP policies were created and enforced across Google Drive and Box, acting as guardrails to prevent users from accidentally sharing sensitive data, and EDRM added an additional layer of protection by encrypting files as they were downloaded so that policies extend into apps and devices the organization doesn’t manage.
2. A financial services firm prevents email data leakage
With employees constantly sending emails that contain sensitive company data to external parties, accidental data leaks are par for the course. When one large financial services company moved their email service to the cloud-based Microsoft Exchange Online with the Microsoft Outlook client, they realized how tricky it is to prevent data exposure via corporate email.
This company was using an on-premises email security solution, which made securing email in a cloud app incredibly convoluted. All outbound messages had to be backhauled to an on-premises data center before being sent back through the cloud and to recipients, which put an extra strain on the corporate network.
To solve this inefficiency, the company implemented the Lookout Secure Email Gateway, which eliminated the backhauling and enabled the client to apply unified DLP policies to their email traffic. With Lookout, the company was able to:
- identify and classify sensitive data within messages to prevent accidental exposure
- automatically block unauthorized recipients using content awareness and context analysis
- implement a broad range of remediation options to keep data secure without compromising productivity.
By including email security as part of their cloud app security, this financial services company was able to simplify their email workflow while implementing effective cloud data protection.
3. A large oil company migrates to the cloud
For organizations in highly regulated industries, keeping sensitive data protected while migrating to the cloud can be a challenging process. That's why one large oil and gas company based in southeast Europe turned to Lookout for cloud data protection as they began migrating their on-premises data and apps to public cloud infrastructure.
The organization was relying heavily on SAP for HR-related processes, and they needed to be able to adhere to strict privacy regulations when migrating to the cloud-based SAP SuccessFactors. Some of their top concerns during the process included integrating with existing security solutions and implementing access controls that could protect sensitive HR data.
After comparing vendors, they chose Lookout Secure Cloud Access with DLP as their CASB solution because of Lookout's ability to define and enforce policy at a granular level, ensuring users could get access to the tools they needed without being overly permissive. With so much sensitive HR data on the line, the company also liked that Lookout integrated seamlessly with Titus, their data classification system, and could guarantee that data unrelated to HR would not be uploaded to SuccessFactors.
4. Lantum protects against insider threats
Cloud data breaches don’t always come from outside threat actors — often, it’s employees who are responsible for data leakage. The UK-based company Lantum works with thousands of healthcare organizations and deals with highly sensitive data, and because of that protecting the organization against threats like account takeovers and insider threats is one of the company's top priorities.
Lantum uses Google Workspace, and they were concerned about the way sensitive data could be aggregated within Google Drive. They wanted to minimize the risk of data being shared outside an approved group, and they wanted more visibility over when sensitive data was being downloaded.
The company implemented Lookout Secure Cloud Access because it enabled them to protect cloud data from insider threats and compromised accounts by granting them newfound visibility into data, devices, and users. By continuously monitoring user behavior with Lookout’s UEBA capabilities, they can automatically enforce security policies and prevent malicious activities, which means they can be confident that data stored in Google Workspace stays protected.
5. A fintech company improves data security and compliance
Cloud apps can bring new complications to the already-complicated endeavor of compliance. After a period of rapid growth, a financial technology provider was faced with the challenge of protecting customer data and complying with regulations like the Payment Card Industry Data Security Standard (PCI DSS) and the California Consumer Privacy Act (CCPA).
The company had scaled quickly, and it became quickly apparent that they needed more visibility into their cloud data and app usage, and they needed to address issues including:
- using too many security solutions, which made it challenging to enforce uniform security policies
- aligning with compliance regulations, which had become more difficult as the customer base grew.
They chose Lookout to help solve these challenges, using Lookout Secure Cloud Access to secure their AI-powered, online financial platform, which hosted more than one million customer accounts. With Lookout's native DLP, they were also able to configure and maintain a uniform security policy for their expansive portfolio of SaaS apps. It also enabled them to create a unified set of IT policies to ensure data privacy and regulatory compliance, protecting sensitive data through actions like masking, watermarking, redaction, and encryption.
Why CASB needs a data-centric approach
When it comes to implementing cloud data protection, choosing the right security solution is critical. To find out more about the top use cases for CASB, download our free e-book, Protecting Your Cloud Data: The 5 CASB Use Cases You Can’t Ignore. You’ll learn about how Lookout’s unique, data-centric approach to security helps you keep your cloud apps secure.