Cloudflare announced Cloudflare Data Loss Prevention, a network-wide data loss prevention (DLP) solution that protects all traffic routed through Cloudflare’s global network from data loss and help businesses protect all of their information.
Cloudflare DLP will sit between the corporate network and any applications employees use, to provide a layer of protection and control over all data entering or leaving the network.
As a result, it can identify and mitigate the major causes of data breaches, including disgruntled employees deleting sensitive information in SaaS applications, data leaking from misconfigured APIs, and bad actors downloading sensitive data from the corporate network.
More than one billion personal records have been exposed due to data breaches in the United States alone in the last five years resulting in fines, lawsuits, and long-term brand damage.
It’s more important than ever that CISOs have control over who can access specific applications or data, and have visibility on what data is leaving or entering their network.
However, traditional DLP solutions have focused on scanning and identifying data before applying security controls to it, and most DLP implementations meet limited success; the process is slow, the data sets too complicated, and the process introduces too much latency.
Unlike anything that’s been done in the past, Cloudflare Data Loss Prevention acts as a layer of protection in front of any number of applications a business may use, so a company can easily set controls to help stop malicious actors getting in or data leaking out.
“The Data Loss Prevention market has been stagnant for a long time. When we were talking with our customers, we realized there was a huge gap – everyone knows they need a DLP solution, but the only options are expensive, hard to manage, and haven’t seen innovation in years,” said Matthew Prince, co-founder and CEO, Cloudflare.
“We’re doing something new by rethinking data loss prevention as an extension of our network, instead of adding yet another point solution for CISOs to manage.”
Cloudflare DLP will sit between the corporate network and the applications its employees use. As such, it is able to view incoming requests to these applications and only grant access to users that have the correct authorization.
For example, a company could restrict access to a CRM system to only members of the sales team or even specific account teams to ensure sensitive customer information is protected.
IT teams only need to learn one set of controls for all their applications and can put granular rules in place that restrict access, editing rights, or the ability to download data for specific applications.
Cloudflare DLP also works with Cloudflare Magic Transit, extending the benefits of Cloudflare’s network to customers’ branch office locations, on-premise, and data center networks. This allows Cloudflare DLP to protect customer traffic regardless of where it is coming from.
Cloudflare Data Loss Prevention helps any business:
- Secure the entire network: Unlike traditional DLP point solutions which focus on specific areas, like email gateways, Cloudflare Data Loss Prevention will run across Cloudflare’s global network meaning it can secure data across entire corporate networks.
- Automatically secure sensitive information: Businesses can quickly and easily identify traffic that has confidential information with a series of prebuilt patterns, including scanning for Personally Identifiable Information (PII) and financial information, and then easily secure it.
- Apply granular controls to any applications: Prevent employees from viewing, modifying, or deleting sensitive data anywhere including in popular SaaS applications for HR, sales, or finance software, regardless of the features the application provides.
- Identify leaks before data leaves your network: Protect websites and origins from leaking data due to either accident or malicious intent.
- Deploy in minutes: Because it is integrated into Cloudflare’s other security services Cloudflare Data Loss Prevention deploys easily and integrates with other security tools.
- Protect API and web traffic: Cloudflare Data Loss Prevention works with API Shield and allows scanning API response payloads for sensitive patterns.