Classification of data is key step in identifying security risk and meeting compliance standards. With the adoption of cloud it gets harder. Understanding what are your critical data assets, where they are stored, who has access and why is a cornerstone of a good cyber security strategy. With "shadow IT" being more prevalent than ever, how would you know if someone in marketing had subscribed to a cloud service and uploaded your entire customer database? They are just doing their job but in doing so they could be exposing you to a possible data breach and even worse, a regulatory fine.
How do you classify your data, apply policies, monitor access regardless of whether your data is on-premises, in a cloud infrastructure service (such as an S3 bucket), in a PaaS database or a SaaS application?
You need a layer of security that is in-line and API based that classifies cloud services as sanctioned, tolerated or unsanctioned. By performing risk discovery and creating deep visibility, we can enforce data leak prevention, compliance and monitor user behaviour to mitigate the risk of a malicious and negligent employees causing you a bad day.