Why SWG and CASB solutions are essential for preventing data leakage and cyber threats
Everyday, people fly the friendly internet skies, visiting different websites, and sharing files with each other. They are accessing everything from Gaming to Gambling to General Entertainment websites and sharing files that may contain personal information. Now this is fine if it’s personal activity—but what if you’re part of a professional organization?
If I’m part of the security team at that organization, I’d want some controls to know where you’re going on the internet, how you’re accessing it, and who you’re sharing files with in order to keep you safe from malicious attacks and data leakage.
Is that really necessary?
Let’s take a look at some trends we’ve seen:
Total Blocks in the last 7 days? Over 60k! Where were these users going?
Almost 50% of the blocks were...you guessed it: AI/ML
Organizations are clamping down on Artificial Intelligence usage.
Top blocked categories
- 49.1% AI/ML: ChatGPT, Gemini, DALL-E, etc.
- 8.8% File Storage: Dropbox, Box, WeTransfer, etc.
- 7.8% Malicious/Suspicious: Block users from being unknowingly exposed to dangerous sites
- 1.9% Software Downloads: Prevent employees from downloading non-approved IT apps
This data begs the question, are employees doing this intentionally?
While it’s hard to know for sure without asking them directly, we can deduce a few things.
- AI is on the rise, and every employee is looking to automate their work, the data clearly shows a desire to access these tools. But they’re being blocked because company policies don’t want you uploading proprietary code or sensitive content.
- Categories like ‘File Storage’ are blocked to ensure employees can not access their personal cloud storage drives, reducing the risk of data exfiltration. The most common use case we see here is a recently terminated employee trying to take company files with them.
- Most of the time employees are completely unaware they are accessing a Malicious site so these blocks are protecting the accidental misstep.
This is why having a reliable and easy to use secure web gateway solution is so important. You need to be able to monitor activity and block access to sites that could be harmful, or non-productive to your organization.
Now what about those company files? I can not tell how many times leaders have said, “No I’m good…we have tight controls and I know we don’t have any publicly exposed files.”
Well, we challenged one of those leaders to run CASB Neural, here are those results:
Out of 84M Files scanned, 2.4% are Publicly exposed. That may not sound like a lot, but it’s over 2M publicly exposed files.
2M Publicly exposed files!
Another way of saying this is that the file is “publicly accessible.” That means while you personally may have never shared this file or folder with anyone outside of your organization, it still has the ability or “sharing permissions” that allow it to be exposed to an external party.
Of those 2M files, over half a million, or 25% of the found public files, fall into either Intellectual Property (IP), Personally Identifiable Information (PII), Protected Health Information (PHI) or Payment Card Industry (PCI).
- IP 6.2%
- PII 53.2%
- PHI 5.8%
- PCI 34.8%
That means either your data, your customers, vendors, or anyones data who you work with could potentially be at risk of being exposed.
What are some examples of the types of files and data we found in these categories?
- Publicly exposed data rooms where anyone could download sensitive information (stock purchase agreements, equity, offer letters, etc.) about major startups
- PHI documents publicly available because it was the default setting when creating a sharing link
- Troves of sensitive files shared publicly, with no possible way to find out, including bank statements, etc.
So what does all this mean?
Most of the time people are not sharing sensitive information, or going to malicious websites on purpose. So having these filters in place is crucial for catching those accidental human errors that will ultimately happen.
Because as the data shows, people are trying to access sites they shouldn’t be, and unknowingly have file sharing permissions that could be huge security risks to your organization.
These solutions keep you productive and safe. So make sure you have a SWG and CASB DLP solution that is fast, reliable and invisible because at the end of the day you want it to work really well and not get in the way 😉.