Digital Guardian announced new enhancements to its endpoint DLP visibility and security controls specifically to secure a hybrid work model.
“According to a recent Gallup polli, seven in 10 U.S. white-collar workers are still working remotely and many organizations have turned to Secure Access Service Edge (SASE) to secure those employees, despite some clear gaps in those solutions,” said Mordecai Rosen, Digital Guardian CEO.
“Our new endpoint DLP features are purpose-built to address those SASE gaps and the market is responding as evidenced by Digital Guardian’s record year over year new business sales bookings and revenue growth.”
SASE solutions push security monitoring to the “service edge” for better control and visibility of users and data on an organization’s network but the current state of SASE leaves organizations’ sensitive data at risk in several areas:
- Visibility and control of sensitive data on endpoints: SASE have visibility to data stored in the cloud but typically not to on-premises data stores and sensitive data on endpoints.
- Inconsistent policy enforcement: Cloud-based SASE solutions rely on multiple Points of Presence (POP) to which traffic is redirected for inspection and policy enforcement. This can lead to a requirement for additional solutions at remote locations with low-latency requirements.
- Poorly secured work-from-anywhere (WFA) environments: Employees can bypass or disable SaaS based web security services and corporate VPNs. Outdated, unpatched devices such as routers, printers, and Internet of Things (IoT) devices represent a major risk. These devices can provide attackers with an initial foothold that they can use to move laterally and compromise endpoints and assets across the corporate network.
Recently released Digital Guardian endpoint DLP enhancements bridge SASE gaps in the following ways:
Providing visibility and control of sensitive data for the broadest range of endpoint operating systems, browsers and applications, regardless of whether they are on the corporate network or at home, including:
- Digital Guardian endpoint web inspection proxy (WIP) support across all browsers: Consistent, browser-independent enforcement and point for web inspection across Windows, Mac and Linux endpoints and compatible with millions of websites worldwide.
- Collaboration apps support: Extends coverage to both corporate and personal collaboration desktop applications Microsoft Teams, Skype, Slack, and Zoom to block users from sharing sensitive information in files and chat – or warn them, require a justification, or just log attempts to do so.
- Apple Big Sur support: Support for the latest version of macOS including implementation of the new Apple Endpoint Security API.
Consistent policy enforcement at the endpoint, including:
- Microsoft Information Protection (MIP) integration: Comprehensive support for governing the usage of MIP classified and MIP protected information with automatic propagation of MIP rules into existing Digital Guardian DLP policies. The ability to proactively set and correct MIP labels is also coming in Q4’21.
- Amazon Macie integration, S3 coverage and workspaces compatibility: Pull Amazon Macie findings into the Digital Guardian Analytics and Reporting Cloud (ARC) to provide a unified view of sensitive data from the endpoint to the cloud.
- Insider threat workspace: Provides a holistic view of user behavior across all monitored applications and data classifications to understand risks originating on an endpoint device.
Securing the widest variety of remote work environments, including:
- Real time risk intelligence and controls: Process risk intelligence in real time to block risky executables, as well as prioritize incident investigation.
- Executive visibility into endpoint risk: New dashboards and workspaces offer executive level insights into the organizations data risk posture such as riskiest users, number of incidents created, number of blocked actions, etc.
Incorporating security into the cloud and the edge, and delivering data protection at the endpoint, are the only way to really secure the remote workforce. Digital Guardian customers can contact their account manager or authorized reseller to enable these new features and take the necessary steps to secure devices and data wherever they may be located.