Microsoft DLP Gaps and Limitations
Oftentimes people simply have the wrong idea of how Data Loss Prevention (DLP) works.
Many people view DLP platforms as a homogenous solution that “covers” the issue of data loss.
The reality however is much more complex.
Far from a singular challenge, DLP deals with a wide array of potential weaknesses in both the systems and procedures through which data is created, stored, and transmitted.
What this means practically, is that as IT tools become more complex and all-encompassing, the gaps in DLP are increasing. The more ways there are to access and manipulate data, the more holes in the fence there’ll be. It’s that simple.
Take the much-lauded Microsoft Teams, one of the most popular business communication platforms on the market.
To be sure, the folks at Microsoft know a thing or two about data security, and their Data Loss Prevention is rich in features and has a very wide adoption. Still, it is not uncommon for weaknesses to be discovered in the service.
Two of the most exploitable issues on Teams have to do with the access protocols for external users. First when a user is a Guest in an external tenant, and second when a user joins a meeting hosted by an external user.
Let’s examine the practical ramifications of this. Suppose your company has solid DLP policies and tools in place. All internal communications and transmissions of data outside the network are, at least in theory, protected. But now one of your employees goes to communicate with a collaborating firm using Microsoft Teams and utilizes their tenant as a Guest User. In that scenario, your security rules will not be replicated on that external tenant. This will allow the transmission of messages and files that violate your DLP policies.
Another consequence of the same flaws creates a DLP gap in external meetings. DLP for external chat sessions–ie, a chat with an external user–will only work if both the sender and the receiver are in Teams Only. If they aren’t in this mode, then DLP policies may very well not be activated.
Why Smart DLP Matters
These and other issues with legacy communication platforms highlight an essential truth when it comes to protecting data: static defense will always have flaws.
In order to ensure data is really being protected, a dynamic and adaptable solution is what’s required
GTB’s Data Security that Workstm platform is powered by patented AI technology, that learns the intricacies and behaviors of your network over time.
Visibility: Accurately, discover sensitive data; detect and address broken business process, or insider threats including sensitive data breach attempts.
Protection: Automate data protection, breach prevention and incident response both on and off the network; for example, find and quarantine sensitive data within files exposed on user workstations, FileShares and cloud storage.
Notification: Alert and educate users on violations to raise awareness and educate the end user about cybersecurity and corporate policies.
Education: Start target cyber-security training; e.g., identify end-users violating policies and train them.
For these reasons, GTB is a top choice among those who take data protection seriously and is used by major players across industries, including finance, healthcare, defense contractors, and government.