DLP: the New “Cost of Doing Business” for Enterprise Software Companies?
As enterprise software companies turn to SaaS business models, customer data is no longer housed by and under the control of the customer. Given the sensitivity levels of data housed in the cloud, many end-customers are pushing their SaaS software vendors to agree not only to a general data protection requirement but specifically to deploying some kind of data loss prevention technology. More often we see this as a contractual obligation for the software company – putting lucrative business contracts at risk for noncompliance.
When it comes to researching DLP solutions for this purpose, it’s critical to consider the customer data requiring protection. These data types are increasingly complex and not easily-identified by your average DLP regular expression pattern match or keyword. Data types like source code, machine learning models, and web meeting recordings won’t be accurately identified (or identified at all) using these legacy DLP detection methods.
New DLP approaches and sensitive data detection techniques that leverage data origin and lineage now make it possible to not only identify these unique data types, but to do so with a high degree of accuracy. And accurate data detection is key to effective data protection; you can’t protect what you can’t see, right?