Platform Watches Log Activity, Enriches Logs with Geolocation Insights, Scores Risks and Informs Data Loss Responses
Allure Security, the data loss detection and response company, now offers data loss risk monitoring for Microsoft Office365, OneDrive, Sharepoint, and Teams. The Allure platform continuously watches and analyzes log activity, extends visibility even after a document is downloaded, copied or shared with a third party, and surfaces risks based on unique data loss indicators.
According to a recent ESG survey, companies are migrating data to the cloud faster than they can secure it. The research reveals 50% of survey respondents say they know that they have lost cloud resident data and 22% suspect they have lost data. The architect of this research, ESG Senior Analyst Doug Cahill, said, “The increased use of both sanctioned and unsanctioned cloud-based applications, in combination with security programs for the cloud that are often less mature than existing on-premise initiatives, has led to a significant loss of corporate data. Top contributors to data loss include violations of security policy, the misuse of access controls, and the implications of employees using their own devices.”
“It’s alarming that enterprises still lack visibility into what happens to confidential documents once they’ve migrated to the cloud. This has left security teams in the dark on cloud risks, including insider and third-party risks caused by downloading and sharing habits that contribute to data loss,” said Mark Jaffe, CEO of Allure Security. “Now, organizations can migrate more data to the cloud and get the critical visibility needed to reduce data loss risk and maintain cloud storage integrity.”
Allure helps organizations understand Office365 use across organizations, and detect and respond to data loss resulting from stolen credentials, insider threats, malicious third parties, ransomware and human error. Allure’s approach includes three main components:
- Watch Office365 activity closely: See who interacts with which files, when and from where. Security teams can know in real time if bulk downloads occur, if files are accessed anonymously, and if documents are opened in risky locations or via unauthorized domains.
- Extend visibility beyond the cloud share: Agentlessly track activity even after documents are downloaded, copied or shared.
- Detect leaks and breaches: Know if insiders, malicious third parties, bots or hackers are snooping around confidential and sensitive files, and whether data is lost as a result. Also, security professionals can set up optional alerts to be informed when risky activity is in progress to inform response and limit data loss.
Allure’s intuitive dashboard captures and visualizes risks so users can easily see notable events with granular details and geolocation information, identify key indicators used to calculate and prioritize risks, and monitor most active users, domains, locations and operations. Additionally, users can drill down into specific document and user activity to collect forensics during active investigations.
“We rely on Allure Security as a force multiplier for our security team. It is amazing how Allure is able to collect and analyze cloud log data and present it in such an insightful and digestible manner to flag risks, inform our responses and help us enforce policies. Allure is able to give us visibility into our global file and user activity and effectively complements Microsoft’s Security Center,” said Antonio Garcia, chief information security officer at GRA. “I was very impressed at how easy it was to set up an Allure Security account. Once our OneDrive environment was connected, our dashboard started populating immediately. Within a day, we saw that our almost 100 employees accessed OneDrive files more than 1,000 times. This finding alone helped us better prioritize our security investments and resources.”