Real Life Challenges: Finding Your Sensitive SaaS Data

“As we know, there are known knowns; there are things we know we know. We also know there are known unknowns; that is to say we know there are some things we do not know. But there are also unknown unknowns — the ones we don’t know we don’t know.”

— Donald Rumsfeld, Former Secretary of Defense

‍

The explosion in SaaS collaboration tool adoption such as Slack, Microsoft 365 or Google Workspace, in the wake of the forced changes in how organizations operate as a result of  their digital transformations and external factors related to COVID-19 pandemic.  These key factors  have left them scrambling to protect themselves against the unknown unknowns created by the tidal wave of sensitive information being created and shared.  Traditional data security protocols and solutions are rigid, relying entirely on one dimensional rules that don’t take into account the vast reams of unstructured data flowing to both internal and external users.

‍

That’s where Reco’s business context-driven data analysis comes into play. Reco uses advanced analytics to map, classify, and tag data, eliminating pesky unknown unknowns allowing for the efficient management and monitoring of large and complex amounts of unstructured SaaS data.  Reco takes the analysis to the next level by also correlating the sensitivity of the data with all of the attributes surrounding a user as well as the interactions between the data in question and other users involved.

‍

How The “New Way of Working” Has Impacted Business Collaboration

More than 80% of workers use collaboration tools, up 44% since the start of the pandemic. While this rapid increase has improved workplace efficiency, it’s also opened organizations up to greater data security threats and headaches due to the massive amounts of sensitive data at play. Unlike in the past, this data is not siloed in internal servers. The expansion of cloud based computing and the increased flow of information to external parties mean critical data is constantly in motion.

‍

How Does Reco Data Mapping Help Protect Businesses?

That’s where Reco comes in. Reco understands data mapping is fundamental in being able to establish a baseline in which organizations can then assess risk based upon the sensitivity of the data in question.  Reco is able to quickly automate this on-going process based on the metadata found within the SaaS applications used and is able to answer the following questions:

• Who has access to the data?
• Who is the owner?
• What sensitive data do I have?
• Where is it?
• How is it being used or shared/accessed?
• Do risky users or departments have access to it?

The answers to these questions allow Reco to make a context-based decision on whether to block sensitive data or send a data alert to the correct individuals.  Reco uses data access governance as well as customer data best practices to prevent breaches of unsecured sensitive files, such as payroll or customer information being shared via an externally accessible Google Drive.

‍

Protect Against Data Leaks While Expediting Business

One of the largest cybersecurity risks businesses face involves the transmission or exposure of sensitive data. The sheer amount and frequency of sensitive data being routinely transmitted within an organization or to external third parties has surpassed what legacy based data prevention tools can handle.  Traditional data security tools and the rules employed often impede business or are simply shut down as they create more work than they are worth.  This is why a flexible, context-driven approach is needed to parse through these unknown unknowns and protect sensitive data without impeding core business processes.

‍

For example, sharing a document containing employees’ Social Security numbers via Slack could represent a massive security breach, unless it’s to a trusted third-party vendor such as a payroll processor. Reco can use past data to analyze the situation, allowing the necessary information to go through. Meanwhile, if a malicious actor, such as a disgruntled employee, were to leak the same information to a competitor, Reco’s context-driven analysis would immediately raise an alert. With this approach, Reco dynamically analyzes routine interactions allowing Reco to spot dangerous deviations from normal behavior in real time.

‍

Don’t let inefficient legacy systems prevent you and your teams from conducting business. Get line of sight into the data ‘unknown unknowns’ to assess risk and enhance your business’s data loss prevention capabilities with Reco.