The enterprise perimeter has dissolved with more and more data moving to Cloud data stores and DB-as-a-service offerings. Traditional data loss prevention techniques helped enterprises in the past, providing a choke point to look at data going in and out of the perimeter. However, with the advent of Snowflake, Databricks, Apache Pinot, Apache Druid, and the critical data in many enterprises now reside in the cloud or SaaS offerings where traditional DLP techniques do not play a role. Besides these data stores, data on AWS, Azure, and GCP must be secured.
Providing data loss prevention for Cloud data stores will mean relooking at data security from a data-centric approach. Security controls are more data-aware with the full context of data and access to data, wherever the data exists.