The BYOC & BYOD Enterprise Problem
Cloud Services are growing at an exponential rate for both business and personal use.
Cloud providers today allow private people (maybe your employees) to create powerful computing environments in the cloud by creating their own machines. The BYOC (bring your own cloud) Users may choose any flavor of Windows, Unix and other VM machines. Such computers are created in a virtual environment and take minutes to create.
When such machines are available, users may copy data from their own home or work machine to the cloud machine by Copy and Paste or just Drag and Drop. Such actions are mostly done utilizing the HTTPS protocol but often we see Cloud providers using Secure RDP.
This creates a huge problem for organizations as there is no Visibility to such protocol. Employees can copy/backup their entire C drive to the Cloud in few minutes. These transmissions are a significant risk of data loss to the organization since most 'content aware' DLP systems do not have visibility to such breaches.
How is an organization able to monitor such activities and Block valuable Data from being copied?
How can you ensure that all data, which should be encrypted, actually is prior to leaving the network or cloud?
An important point:
Most "DLP" solutions are NOT DLP, as the major key to successful DLP deployment is to reduce the number of incidents to a minimum by setting up the system to report only pertinent violations. Many DLP systems fail in accurately detecting incidents and instead report thousands of irrelevant events. Most vendors will refer to this phase as "Tuning"; for us, tuning equates to "FAILURE".