SaaS App Adoption Creates New Blind Spots for Data Leakage in the Enterprise

Imperva Skyfence to protect against confidential data leakage for customers

Imperva, Inc. (NYSE: IMPV), committed to protecting business-critical data and applications in the cloud and on-premises, today, announced the release of Imperva Skyfence Cloud Gateway v4.5 with Data Leak Prevention (DLP), a cloud security capability that is designed to enable customers to control, in real-time, sensitive and regulated data stored in the cloud. Cloud security is important as companies and their employees rely on SaaS and cloud applications for data management and information sharing.

According to a recent Gartner report, “Most DLP products do not fully support discovery and monitoring of a wide variety of cloud applications and cloud storage solutions.” The report adds that organizations should “consider deployment of cloud access security brokers (CASBs) as a means to gain better visibility and control of data delivery from mobile devices to cloud applications and cloud storage.”1

Skyfence currently supports hundreds of document sharing applications including Box, Dropbox, Office 365, and Google Apps, which facilitate file-sharing and collaboration among users inside and outside the organization. Beyond just the number of file sharing applications available, these apps are often accessed from a variety of managed and unmanaged devices, potentially making rapid data proliferation more widespread and harder to control. Additionally, this creates new avenues for sensitive and regulated PII, PCI, and HIPAA data to maliciously or unintentionally leak from the organization.

“Our data reveals that one-third of our customer organizations have, on average, two or more document and file-sharing systems in use at any given time, some of which are company-mandated, and some simply employee-elected. This can leave business-critical data extremely vulnerable to theft,” said Ofer Hendler, general manager, Imperva Syfence. “Skyfence Data Leak Prevention features help organizations manage how sensitive and regulated data is shared in the cloud, and also help control its proliferation to untrusted devices. Skyfence DLP can also integrate with an organization’s existing DLP solutions to easily extend policies to both cloud and mobile use cases.”

By implementing the DLP feature in Skyfence Cloud Gateway, organizations can facilitate employee collaboration and productivity while also supporting compliance with applicable regulations, industry standards and best practices. The Skyfence layered approach to cloud DLP allows organizations to be more accurate and efficient in controlling data leakage, with capabilities aimed to:

  • Gain a comprehensive view of the various file-sharing apps in use within the organization, including data movements to and from the cloud, and user actions taken with regard to sensitive data
  • Distinguish between managed and unmanaged devices in order to control and protect against data proliferation and enforce unique policies for each
  • Protect against uploads of sensitive information to public cloud services
  • Restrict downloads and viewing of data and files based on endpoint device type, location, user, or data type
  • Utilize “out of the box” data identifiers to support compliance with regulations such as  PCI, SOX, HIPAA,  or define customized data identifiers with phrases, patterns, and dictionaries to control an organization’s intellectual property in the cloud
  • Integrate Skyfence DLP with existing on-premise DLP solutions to leverage an organization’s existing infrastructure and policies