Skip to content

IT Considerations for a Remote World: How Tech Companies View DLP & Vulnerabilities

Natalie Robb

July 30, 2020

3 minute read

DataLossPrevention featureImage

With the shift to remote work this year, securing data has become top of mind for companies everywhere. Your users are now likely relying even more heavily on SaaS apps—collaborating and sharing data in new ways. And because SaaS is the system of record today, your organization’s sensitive data is in these SaaS apps.

So what should IT leaders in today’s remote work environment be thinking about when it comes to data protection, particularly with SaaS?

Digging back into survey data published in our The State of Insider Threats in the Digital Workplace 2019, we were able to learn more about SaaS security and data protection from one of the most demanding enterprise segments: tech companies themselves. We wanted to see how SaaS-savvy tech leaders view data loss vulnerabilities as well as what they do for data loss prevention (DLP).

Three types of tech companies make up this category: computer software, which mostly comprises SaaS apps themselves; Internet companies, which are web properties; and of course, IT services. Each predictably has different data loss fears that technologies with data loss prevention features—like SaaSOps—can help mitigate.

As you can see by the chart, 50% of software companies report being most vulnerable to customer data exposure. For good reason, too.

Most of these companies store their customers’ data. This makes monitoring user interactions (i.e., how users are sharing sensitive data) all the more important. SaaS companies store huge quantities of customer records—and costs of breaches are highly tied to numbers of exposed customer records. Just last year, a recent joint IBM and Ponemon Institute reported that the average cost of breach is $3.92 million, up 12% over a five-year period, and corresponds to numbers of records exposed.

Oh, and breach costs are not a one-time hit. Instead, costs drag out over years to include lost sales that result from angry customers.

DLP means something else for IT, services, and internet companies

Meanwhile, the other tech segments—IT, services, and internet—rank Exposure of confidential business information as a top vulnerability.

So why confidential business information?

Confidential business information is simply any info about a business not generally known to the public. And it usually means contracts and other legal agreements, like non-disclosure agreements, proposals, M&A plans, or purchasing contracts. It’s also in customer lists, training techniques, and proprietary methods. It can also mean exit interview notes, employee salary information, tax documents, or sales pipeline numbers. Of course, the list goes on…

The bottom line? Confidential business information is way more encompassing than intellectual property and trade secrets.

For human capital-intensive IT, services, and internet companies—that have highly sought-after skills in a competitive labor market—risks of what might walk out the door are very real. And this is where data loss prevention measures and programs come in.

Sadly, less than half of all tech companies in our study actually use them. Computer software companies—with all those user interactions and data for customers—have arguably the highest risk, but only about 35% use data loss prevention measures.

But what happens when tech companies do use data loss protection measures? It’s almost unanimous that they work. After all, our research says that almost all agree they’re effective or very effective.

Summing up our look at data protection among tech companies

Taking care of your digital data makes good business sense. After all, it helps prevent customer breaches, saves untold amounts of money, and protects your confidential business information. It also does one more thing: helps preserve institutional knowledge. Lastly, data loss prevention measures work. For all these reasons, therefore, data loss prevention should be a corporate imperative.

Learn more about this crucial set of technologies to help you better manage and secure the SaaS applications that make up your digital workplace here.

Want to learn even more? Check out this 451 Research report on SaaS Operations and learn why it’s one of the fastest-growing technologies and IT trends today.

And if that’s still not enough, head over to The School of SaaSOps, our educational webinar series designed to teach you the basics of this IT practice.