What does it mean to be a multicloud organization? As the name implies, the term describes a model of cloud computing where an organization uses multiple clouds—two or more public clouds, private clouds, or a combination of public, private, and edge clouds—to distribute applications and services. Subscribing to multiple cloud vendors can help your business access best-of-breed solutions along with competitive pricing.
The downside? Using multiple cloud platforms can create inconsistent infrastructures that don’t scale across environments. This can lead to teams working in silos—bringing increased complexity, additional costs, network security gaps, and risks to business-critical applications and data. It’s not unheard of for some organizations to own 80 to 100 different security tools stitched across hybrid and multicloud environments, while still wondering: are we secure? In this blog, we’ll help you answer that question by detailing four qualities a multicloud data-protection solution should provide and how Microsoft Purview can help unify security, compliance, and data protection across your enterprise.
Enabling multicloud integration and automation at scale is essential for fostering a robust partner ecosystem. Since 89 percent of enterprise customers have moved to a multicloud environment, maintaining security across your expanding data estate is necessary.1 Patchwork solutions can create vulnerabilities; whereas, a comprehensive solution is able to deliver seamless data protection and data governance across your entire digital estate.
Look for a multicloud security and data-protection solution that:
A data-protection solution with rights management and automatic encryption of emails (and attachments), as well as co-authoring of encrypted documents, will help to ensure secure collaboration. Your multicloud security tool should be flexible enough to allow manual labeling of some sensitive files for leadership-only access (like mergers and acquisitions projects), while also enabling admins to automatically label and protect business files stored in Microsoft SharePoint or Microsoft Teams (like Confidential labels for Finance or HR records). This tool should also be able to scan and classify on-premises file shares, as well as cloud applications and services.
Overcoming the siloed approach in a multicloud environment can be a challenge. However, the risks are too great to make do with ad-hoc, patchwork security solutions. Beyond PII, also at stake is your business’s intellectual property (IP), financial statements, organizational structures, employee contacts, and other information that could be targeted with ransomware, phishing, and password attacks.
Microsoft Purview’s information protection and governance capabilities help your organization address potential data vulnerabilities across a multicloud environment by integrating information protection and data lifecycle management, along with data loss prevention, insider risk management, and eDiscovery. Microsoft Purview’s data governance portal helps manage your entire data landscape—on-premises, multicloud, and SaaS—allowing you to create a comprehensive, up-to-date map of your data wherever it resides. This unified governance enables data curators and security admins to keep your data secure; all while empowering users to find the trustworthy data they need.
Microsoft Priva adds another layer of protection with privacy risk management, helping to identify data-privacy risks and automate mitigation wherever the data lives. To accommodate individuals making requests to review or manage their personal data about themselves, Microsoft Priva Subject Rights Requests includes the Microsoft Graph subject rights requests API. This powerful API helps your organization do more with less by automating searches across Microsoft Exchange, Microsoft OneDrive, SharePoint, or Teams.
And to protect the business-critical apps you rely on, Microsoft Defender for Cloud Apps helps you classify sensitive information using real-time controls that monitor data accessed across your multicloud environment. As a cloud access security broker (CASB), Defender for Cloud Apps blocks attacks against your apps using automated identity governance, and it integrates seamlessly with Microsoft Entra Permissions Management to root out and remediate permission risks.
Any data-protection solution needs to address the four areas discussed—unified discovery and protection, protection against data exfiltration, control of unstructured data, and a foundation of Zero Trust—across hybrid and multicloud environments. Both Microsoft 365 and Microsoft Azure are purpose-built with Zero Trust as a core architectural principle. And with comprehensive, integrated solutions for information protection, data governance, risk management, and compliance, Microsoft Purview builds on all four pillars—so you can move forward, fearless.
To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.
1How Many Companies Use Cloud Computing in 2022? All You Need To Know, Jacquelyn Bulao, Tech Jury, November 26, 2022.
2Unlocking the hidden value of dark data, Maria Korolov, CIO. August 11, 2022.
The post 4 things to look for in a multicloud data protection solution appeared first on Microsoft Security Blog.
Source: Microsoft Security