We\u2019re living in a seismic era for data security. Chief information security officers (CISOs) have to contend with a digital landscape that seems to shift daily as more organizations move to remote and hybrid work, redrawing the boundaries for how data is used and shared. The cloud has enabled continuous collaboration, with employees creating and sharing documents easily through chat and email. This unbounded digital estate has also created new opportunities for data exfiltration, and that possibility has many organizations rethinking their approach to data loss prevention (DLP).<\/p>\n\n\n\n
Forward-thinking organizations are seeking to future-proof their DLP strategy with a comprehensive solution that scales across all applications, services, endpoints, and platforms. To help those that may be considering a DLP migration, Microsoft spoke to more than 300 data and compliance professionals to create the white paper “Data Loss Prevention: From on-premises to cloud<\/a>.” We\u2019ve presented some of the study\u2019s highlights here, including common DLP states in use, challenges in migrating to a new DLP solution, best practices, and the benefits of adopting a cloud-native DLP solution.<\/p>\n\n\n\n \u201cData is not confined in a certain area. In today\u2019s environment, it\u2019s everywhere: someone else\u2019s phone, tablet, data center, or software as a service application\u2014because of that, you definitely see a lot more breaches happening.\u201d<\/em><\/p>\n\n\n \u2014Vice President, Information Security Officer, Financial Services<\/p>\n\n<\/blockquote>\n\n\n\n We can define DLP<\/a> as the people, processes, and technology that ensure data is not lost, misused, or accessed by unauthorized users. Our research revealed that 70 percent of companies see their DLP solution as a focal point of their overall data protection strategy. For that reason, a good DLP solution uses a holistic approach to protect the organization\u2019s data assets, aid regulatory compliance, and prevent data leakage by monitoring all endpoints, apps, services, and the cloud\u2014anywhere data is stored or shared. Most respondents said their ideal solution would be cloud-native DLP, which could provide scalability and flexibility, balancing protection and productivity.<\/p>\n\n\n\n An organization\u2019s DLP can exist in five different stages with regard to deployment, starting from 100 percent on-premises (obsolete) and moving to 100 percent cloud-native (ideal). For this study, we focused on the three stages in the middle that involve some level of cloud deployment.<\/p>\n\n\n\n Overall, the study found that organizations in on-premises-anchored states are experiencing the most discomfort.<\/strong> Hybrid organizations report feeling like they\u2019re in a holding pattern, spending time and effort maintaining complex integrations and multiple DLP solutions across data environments. Fifty-nine percent of organizations with a hybrid DLP configuration report a desire to move to a cloud DLP solution<\/strong>.<\/p>\n\n\n\n The goal<\/em>\u2014cloud-native DLP: <\/strong>Beyond the cloud-focused stage, this is the desired destination. At this point, an organization\u2019s DLP solution is fully cloud-native and the firm can benefit from scalable, holistic data protection across applications, services, endpoints, and platforms\u2014all without hindering productivity or adding staff.<\/p>\n\n\n\n \u201cIt doesn\u2019t make sense to maintain two or three different solutions because then you have to keep them updated, you have to make sure that there\u2019s not a whole lot of difference between one, two, and three. So, you want to create the benefits and the economic savings of standardization. That\u2019s why consolidation is critical.\u201d <\/em><\/p>\n\n\n \u2014Director, Technology Services<\/p>\n\n<\/blockquote>\n\n\n\n In migrating your DLP solution, there are two options: a cloud-based or a cloud-native DLP solution. Both types will require the recreation of legacy policies, so how can you decide which solution better suits your organization?<\/p>\n\n\n\n Organizations that use a cloud DLP solution were twice as likely to say that cloud-native DLP solutions are easier to scale and provide a better balance of data protection and productivity.<\/strong> A cloud-native solution can also help reduce costs by eliminating the need for agents, infrastructure, or custom integrations while replacing inefficient silos and patchwork solutions that can create vulnerabilities. Organizations may also see improved performance because the data has to make fewer hops, enabling greater productivity.<\/p>\n\n\n\n As a cloud-native DLP solution, Microsoft Purview Data Loss Prevention<\/a> provides all of the above benefits, with the added power of Adaptive Protection<\/a> to help apply DLP policies dynamically based on users\u2019 risk levels. By leveraging machine learning in Microsoft Purview Insider Risk Management<\/a>, Adaptive Protection can understand how users are interacting with data, assign risk levels, and automatically tailor DLP controls. This enables DLP policies to become dynamic, ensuring that the strictest policies\u2014such as blocking data sharing\u2014are applied only to high-risk users. Microsoft Purview Data Loss Prevention does all this automatically wherever data is accessed or shared, so you can protect more data (with less).<\/p>\n\n\n\n To better understand the barriers keeping companies from moving to cloud-native DLP, the study looked at the on-premises-anchored respondents, who are nearly twice as likely to cite apprehension about the unknown as a barrier to migration. We found five common themes reported as challenges preventing their DLP cloud migration:<\/p>\n\n\n\n In an encouraging finding, respondents who\u2019ve had experience migrating to a cloud-native solution report that the journey is not as difficult as others might imagine. Cloud-focused organizations were 46 percent less likely to say it\u2019s risky to switch solutions. <\/strong>For the same firms, 60 percent were less likely to worry about losing control of their DLP program after migrating.<\/strong> They\u2019re also 35 percent less likely to view recreating policies from their legacy DLP solutions as a major concern. In other words, migrating your DLP to a cloud-native solution isn\u2019t as scary as it might seem.<\/p>\n\n\n\n Moving to the cloud helps your organization future-proof its DLP solution, protecting your data across endpoints, clouds, and platforms with speed and scalability that on-premises solutions can\u2019t match. By following a few guiding principles, your organization can achieve an effective DLP program that builds confidence and drives success.<\/p>\n\n\n\n For a small number of organizations, industry regulations, compliance, or budget constraints may prevent them from fully migrating to the cloud. However, our study concludes that the cloud-native state provides the ideal DLP approach for a majority of companies<\/strong>, with migration from the other stages as an inevitable progression.<\/p>\n\n\n\n To learn more about migrating your DLP solution, make sure to download the complete study, Data Loss Prevention: From on-premises to cloud<\/a>, containing 44 pages of valuable insights gathered from more than 300 DLP and compliance professionals. For an in-depth example of DLP migration complete with screenshots, check out this special how-to blog written by my colleague, Shilpa Bothra, Senior Product Marketing Manager for Microsoft Purview Data Loss Prevention<\/strong>: Easily migrate your Symantec DLP policies to Microsoft Purview Data Loss Prevention<\/a>. And don\u2019t forget to join us for the inaugural Microsoft Secure<\/strong><\/a>,<\/strong> March 28, 2023<\/strong>, where you can learn the latest cloud defense insights and be among the first to see the AI-powered future of cybersecurity.<\/p>\n\n\n\n Learn more about Microsoft Purview Data Loss Prevention<\/a>.<\/p>\n\n\n\n To learn more about Microsoft Security solutions, visit our website<\/a>. Bookmark the Security blog<\/a> to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security<\/a>) and Twitter (@MSFTSecurity<\/a>) for the latest news and updates on cybersecurity.<\/p>\n","protected":false},"excerpt":{"rendered":" Learn the three stages of migrating to cloud-based data loss prevention (DLP), along with how to overcome perceived challenges to create a scalable, holistic DLP solution.<\/p>\n","protected":false},"author":168,"featured_media":126389,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"ms_queue_id":[],"ep_exclude_from_search":false,"_classifai_error":"","_classifai_text_to_speech_error":"","footnotes":""},"content-type":[3659],"topic":[3669,4121],"products":[3710,3717],"threat-intelligence":[],"tags":[],"coauthors":[2200],"class_list":["post-126376","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","content-type-best-practices","topic-data-protection","topic-data-security","products-microsoft-purview","products-microsoft-purview-data-loss-prevention"],"yoast_head":"\n\n\n
The stages of DLP deployment<\/h2>\n\n\n\n
\n
\n\n
Benefits of leveraging a cloud-native DLP solution<\/h2>\n\n\n\n
\n
Key challenges of migrating to a DLP solution<\/h2>\n\n\n\n
\n
Four best practices for migrating your DLP solution to the cloud<\/h2>\n\n\n\n
\n
Migrate to a cloud-native DLP solution\u2014Microsoft is here to help<\/h2>\n\n\n\n