One Article Review
| Source |  ProofPoint |
|---|---|
| Identifiant | 8623456 |
| Date de publication | 2024-12-11 07:02:00 (vue: 2024-12-11 14:07:57) |
| Titre | Why a Global Services Company Chose Proofpoint to Defend Its Data |
| Texte | In today\'s fiercely competitive environment, keeping an organization\'s crown jewels safe has become a C-level imperative. And it\'s easy to see why: data is the lifeblood of every organization. What\'s more, it\'s what differentiates it from competitors. This is especially the case for services companies, which rely on scalability, speed and partnerships for their success. In this blog post, we share insights from a global Fortune 500 services company about why they chose Proofpoint over Microsoft to protect their sensitive data from risky users. A growing business brings increased risks When the company first reached out to Proofpoint, it was facing several challenges that were driving its need to better protect its data. For starters, it was experiencing strong demand and scaling rapidly in response. As a leader in business services, the company\'s supplier contracts and business processes contain intellectual property that fuels its efficient service delivery model. Yet, as the business grew and became more complex, there was an increased risk for data loss and business disruption. The CISO knew this and wanted to be proactive about managing these risks. The company also needed to address audit findings that were associated with data loss and, in doing so, improve its cybersecurity posture. The CISO knew he would need to implement a DLP program enabled by a solution that provided visibility across cloud, email and endpoints. However, he did not have the expertise to do this in-house-and worse, he didn\'t know how to get started. Data classification: myth vs. reality A Microsoft E5 customer, the company initially reached out to the vendor for assistance. In response, Microsoft informed them that to accurately start protecting data, it would first need to classify and label all of its data. With terabytes and terabytes of data, the idea of classification quickly became a daunting task. And that wasn\'t the only hurdle. The effort would also need to involve the legal team, which would need to agree to the classification process. This could further delay the project. Aware of how long this could all take, the company consulted Proofpoint. We provided a different perspective and exposed the myth that all data needs to be classified before it can be protected. With Proofpoint Enterprise Data Loss Prevention (DLP), you can start protecting your data on Day One; data does not need to be classified to be detected. Instead, DLP rules and detectors can identify sensitive data movement and risky behavior in real time and generate alerts. DLP analysts can correlate and triage alerts to determine the intent of the user and take the appropriate response. With this approach, the company could start benefiting from Proofpoint DLP instantly. Immediate results with Proofpoint The hosted proof of concept (POC) with Proofpoint lasted less than two weeks. During that time, the scale of risky behavior quickly became apparent. Thanks to the visibility provided by Proofpoint, the CISO and security team could see the risks in their environment right away. This was a stark contrast to the arduous task of classification, which the company had undertaken with Microsoft in parallel to the POC. Several findings during the POC validated assumptions by the CISO. He had suspected that data was leaking from the company. However, this was the first time that he could see it happening. Proofpoint revealed that an HR employee was forwarding resumes and applications to their home computer. Based on the nature of the content, this was a clear violation of company policy, raising suspicion. One of the POC\'s most revealing data points was the high volume of alerts that were generated by users who were browsing generative AI (GenAI) websites. In addition, the POC uncovered six instances of potential cloud account compromises, which resulted in three files being abused post-compromise by an attacker. What\ |
| Notes | ★★ |
| Envoyé | Oui |
| Condensat | 500 700 about abused accelerate account accurately across action addition address agree alerts all also analysts any apparent applications approach appropriate arduous assistance associated assumptions attacker audit aware away based basics basis became because become before behavior being benefiting best better beyond blog brings browsing business but can case case cases centric challenges channel channel chose ciso classification classification: classified classify clear cloud cloud combination companies company competitive competitors complex compromise compromise compromises computer concept consulted contain content continuous contracts contrast corporate correlate could critical cross crown cumbersome customer cybersecurity data daunting day decided decision: decrease defend delay delivery demand deployed deployment details detected detectors determine did didn different differentiates dilemma: disruption dlp does doing driving during easy efficient effort email email emails emails employee employees enabled endpoint endpoints engaging enterprise environment especially every experiencing expertise expertise experts exposed facing feel fiercely files files findings findings first fortune forward forwarding from fuels further genai generate generated generative get global goes going grew growing guided had haggle happening has have help helps here high holistic home hosted house how however human hurdle idea identify identifying immediate imperative implement implementing importantly improve includes includes: increased information informed initially initiative insider insights instances instantly instead intellectual intent invest involve its jewels keeping knew know label lasted leader leaking learn legal less level lifeblood like logic logins long loss managed managing maturity met microsoft misdelivery misdirected model more more most movement myth namely nature need needed needs not objectives offer: one one; only optimize optimized organization out over parallel partner partnerships path people person perspective poc points policies policy post posture potential prefer prevention price proactive process processes products program program project proof proofpoint proofpoint proofpoint: property protect protected protecting protection proven provided provides quick quickly raising rapidly reached read real reality refining rely response result resulted results resumes revealed revealing reviewing right risk risks risks risky rules safe same scalability scale scaling security see sensitive sent service services several share short sites six solution some speed stand standing stark start started starters strong success successful summary summed supplier suspected suspicion suspicious take task team technology terabytes than thanks that them these three through time today triage two uncovered undertake undertaken use user users validated value vendor violating violation visibility visibility so volume wanted wasn websites weeks what when which who why why: will without worse would wrong yet your “we ” |
| Tags | Cloud |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.