Three Myths About Protecting Data and Sensitive Intellectual Property from Insider Threats

The world is operating quite differently from a year ago. Working from everywhere has redefined the security perimeter as we know it. People are the new perimeter. With the changing nature of the way people interact and share data, traditional approaches to managing data loss should also be challenged.

Here are three common myths about protecting data and sensitive Intellectual Property from insider threats:

Myth 1: Insider threat management is about protecting data

In the past, traditional data loss prevention (DLP) tools were mostly data centric. With insiders, it’s critical to monitor not just the data, but how users are interacting with it. Traditional DLP tools don’t necessarily give you the level of context needed to understand the full chain of events when it comes to user behaviors. Combining DLP tools with a dedicated insider threat management platform provides that context, thus reducing the likelihood of false positives.

Myth 2: Endpoint scanning is the be-all and end-all

If you look back to a decade ago, most data lived on the endpoint. It made sense, then, that security teams relied on endpoint DLP monitoring to get visibility into sensitive data and IP loss. A more modern way to attack this problem is to scan the data in the cloud, label it using data classification technologies and then have the endpoint read that label to serve as the enforcement point.

Myth 3: Incident response has to be a lengthy process

Unfortunately, the longer an insider threat incident lingers, the costlier it gets for organizations. Traditionally, investigations have dragged on because DLP tools lack context into the user activity surrounding an alert. A full incident response process is about looking at user and data interactions across multiple channels like email, cloud, endpoint, and then putting the user in context in a unified view. A dedicated insider threat management solution can help the security operations team understand exactly who did what, when, where and why – sometimes within minutes.

Read Nirav Shah’s full blog here.

To learn more about protecting sensitive data and Intellectual Property with the Proofpoint portfolio, please contact your local Exclusive Networks Account Manager.