On the fence about embracing cloud-native DLP? You’re not alone. 

It’s tough to deny that the future of work-based IT lies in the cloud. Legacy systems and applications managed on-premises will inevitably become a thing of the past. Despite the level of cloud-based technology in use, however, many industries still have large amounts of data that has not yet been migrated to the cloud. In fact, hybrid data environments are so common they’re practically the norm. 

Unfortunately, when it comes to data loss prevention, hybrid environments add a lot of complexity to the question of how best to protect sensitive data in an organisation. They also add to the cost of embracing cloud-native solutions, often necessitating data migration for total coverage. That, in turn, requires a significant mindset shift to overcome “familiarity bias” and accept that a new solution is as good, if not better, than the existing one. 

To shed light on these challenges, Microsoft conducted a survey amongst risk/compliance professionals from numerous organisations in various DLP “states”. The intention was to understand their current approach to DLP, their perceptions of the benefits and drawbacks of cloud solutions, and the most common barriers delaying the adoption of cloud-native DLP solutions.  

Of the survey respondents, 63% were categorised as “hybrid”, 24% as “cloud-focused” and 14% and “on-premises-anchored”. While the report examines the different attitudes and influences within these groups, it showed the key barriers and challenges were largely universal. 

These include: 

  • Inertia – Feeling comfortable with the existing level of DLP challenges, and reticent to “rock the boat” despite the desire to migrate DLP to the cloud in future.  
  • Fear of the unknown – From potential costs to migration workloads to change management and loss of program ownership, the “what ifs” of DLP migration are a common barrier for executives, administrators and managers alike. 
  • Time and money – The upfront costs of DLP migration are perceived as high, as is the time investment required to evaluate a new solution.  
  • Complexity – DLP migration is perceived as highly complex, with concerns linked to the impact of data transformation on the migration experience. 
  • Productivity – Concerns over DLP disrupting business processes and impacting employee productivity. 
  • Education – The challenges (and importance) of successfully educating employees on safe data handling practices. 
  • Regulatory compliance – The complexities of translating existing DLP controls into effective cloud policies that successfully prevent breach events (particularly in collaboration applications) without flagging absolutely everything. 

If your organisation is grappling with any of these barriers, we highly recommend reading Microsoft’s report. It’s refreshingly business-focussed, steering away from the technical details to remain firmly in the realm of “why”, with some very practical ideas on “how”.  

While you’re at it, keep in mind that our Cloud Essentials team is well-equipped to assist in your DLP decision-making process. Our team includes Microsoft technical experts as well as experienced risk/compliance experts, helping us bridge the gap between your business requirements and the technical capabilities available – and vice versa.  

Together, we can address all the unknowns (and other barriers) standing in the way of your organisation’s DLP progress to bring confidence to your decision-making and forward momentum to your compliance maturity journey. 

Get in touch. 

What is data loss prevention (DLP)?

Microsoft defines DLP as “a strategy that uses a combination of people, processes, and technology to ensure that sensitive data is not lost, misused, or accessed by unauthorized users. DLP protects an organisation’s data against accidental or malicious sharing that could put the organisation at risk. DLP solutions help control endpoint activities, filter data streams on corporate networks, and detect data in the cloud to protect data at rest, in motion, and in use.” 

What does Microsoft’s DLP solution offer?

Microsoft’s DLP solution (part of the Purview security suite) offers intelligent detection and control of sensitive information across Office 365, OneDrive, SharePoint, Microsoft Teams and endpoints. 

The only way to really know if we’re a good fit is to get in touch, so let’s have a chat! One of our friendly experts will get straight back to you. You never know, this could be the beginning of a great partnership.
Bristol
Cape Town
Johannesburg
Email