Blogs & Resources

Cloud Data protection: Going beyond config-based measures

Supreeth Rao
Nagraj Seshadri

Last year was a record year for data breaches. Data exposure events, where sensitive data is left sitting online, were responsible for cybersecurity incidents involving an estimated 164 million of the 294 million people victimized.

The failure to change a single setting on a database server or storage folder on a cloud service can often mean the difference between keeping it private or exposing it to the world. Ransomware-related data breaches have doubled in the past two years. Phishing(breached passwords) continues to be a significant cause of data exfiltration. 

Organizations can better protect themselves against breaches by bringing in behavioral context alongside configuration visibility of cloud data stores and warehouses. Behavioral context includes aspects of data and access like, 

  • Atypical queries are being made to a critical data store or warehouse. Atypical is defined by the behavior aspects such as location, frequency of access, and likes.
  • Over-provisioned user or not.
  • Sensitive data entities (SSN, medical beneficiary number) in a data store.

Theom automatically maps cloud data (like AWS data stores) and analytical stores (like Snowflake) and classifies the contents. It showcases relationships between data stores, the types of sensitive data stored, and users and vendors are accessing them. Using these relationships, Theom pinpoints critical data stores that can be publicly accessed or accessed without MFA, not encrypted or encrypted weakly, so that security teams can fix the cloud data risks. More importantly, Theom provides detailed context around the data and uses it to prioritize risks from ransomware, 3rd party vendor compromise, and internal threats. It provides remediation so that organizations can take proactive measures to secure their most sensitive data right away.

As data breaches get more sophisticated wrt attack signatures, enterprises increasingly need to go beyond config-based best practices and measures to use solutions like Theom, which enables access and data security based on behavioral context.