New Kaspersky Endpoint Security Cloud keeps sensitive cloud data safe
The new version of Kaspersky Endpoint Security Cloud now provides visibility and control over corporate files containing personally identifiable information (PII) or bank card details stored in Microsoft 365 applications[1]. The product detects such files, so IT security managers can make sure that they are stored according to corporate policy and, more importantly, cannot be accessed from outside of the company.
Personally, identifiable information still remains the type of data most commonly involved in breaches (43%), according to a Kaspersky study[2]. Up to 15% of files stored in cloud services, such as SharePoint or Teams, which contain sensitive data, turn out to be shared with someone outside of the company’s staff circle[3]. IT and IT security teams need to know if this risk arises to minimize the likelihood of this information getting into the wrong hands and ensure that the business follows data protection regulations.
The new Data Discovery capability in the updated Kaspersky Endpoint Security Cloud provides visibility over this cloud data. It gives IT managers a list of the files that are stored anywhere in Microsoft cloud applications – including SharePoint Online, OneDrive, and Teams – and contains any item of PII or bank card data. This includes data such as driving licenses, identity cards, passports, residence permits, social security, and taxpayer information. The product ensures 100% detection rate of PII regardless of the structure, delimiters they are written with and file extensions, as confirmed through a recent AV-TEST study[4] using German data.
The product scans all files with dedicated heuristics as soon as they are added to any of the applications. Analysis is carried out in the customer’s Microsoft 365 cloud tenant, so no documents or data leave the customer’s environment. IT managers can receive a list of documents that feature PII in reports and the detection list, as well as on the dashboard widgets in the management console. For each document, they can check the author, its location in Microsoft 365 applications, who has access to it internally or whether it is accessible from outside of the company. The administrator can then contact file owners asking them to improve access settings.
“Data discovery and other Kaspersky Endpoint Security Cloud capabilities go far beyond standard endpoint protection to include the prevention of data breaches, cloud application management, and policy control. But the product makes the process simple and effective, which is so important for small and medium-sized companies. That means they can improve the overall level of security and awareness within their organization. From a business perspective, such strong control over sensitive data can give companies an advantage in customer relations and business reputation,” comments Andrey Dankevich, Senior Product Marketing Manager at Kaspersky.
To learn more about Kaspersky Endpoint Security Cloud and how it helps small and medium organizations protect themselves, please visit the website.
To see the comprehensive product feature list in comparison with other endpoint protection solutions, you can check the AV-TEST study “Kaspersky Endpoint Security Cloud Plus: A feature comparison with seven other cloud-based endpoint solutions”.
[1] Data Discovery is able to detect bank card numbers from any country, bank, and payment system, and PII of specific countries. By the end of 2021, it will be able to detect documents with German, Italian and US personal data. New types of data will be added in 2022 for France, Spain and more European countries.
[2] According to the Kaspersky IT Security Risks Survey 2021, which conducted 4,303 interviews from businesses with more than 50 employees across 31 countries in May-June 2021.
[3] According to anonymized statistics of events detected by Kaspersky Endpoint Security Cloud during beta testing. The statistics consist of depersonalized metadata voluntarily provided by Kaspersky customers.
[4] “Personal Identifiable Information Protection: Sensitive Data Discovery test”, AV-TEST, August 2021
