Empowering Users to Self-Protect Their Data
%202.webp)
In today’s rapidly evolving cybersecurity landscape, protecting sensitive cloud data requires more than deploying advanced security tools, it demands operationalized data security and empowered users. Organizations must reduce alert fatigue, gain visibility into sensitive data exposure, and enable data owners to take action without slowing the business.
In a recent discussion with Sapir Gottdiner, Cyber Security Architect at Global-e, we explored how Global-e approaches cloud data security using automation and Data Security Posture Management (DSPM). Operating across multiple regions and complying with strict regulations such as GDPR, PCI, and SOC 2, Global-e needed a scalable way to identify sensitive data, manage risk, and streamline remediation - without overburdening security teams.
This customer-driven perspective highlights how DSPM-powered automation and user enablement can transform data protection from a reactive process into a proactive, scalable security strategy.
Automating Security Tasks for Efficiency
“One of the primary challenges faced by any security team is keeping pace with the volume of security alerts and the effort required to address them”, said Sapir. Automating human resource-constrained tasks is crucial for efficiency. For example, sensitive data should only exist in certain controlled environments, as improper data handling can lead to vulnerabilities. By leveraging DSPM which acts as a validation tool, organizations can automate the detection of sensitive information stored in incorrect locations and initiate remediation processes without human intervention.
Strengthening Sensitive Data Protection
A concern identified in the discussion was data accessible to unauthorized personnel in Microsoft OneDrive, that may contain sensitive information. To mitigate this, organizations should automate the creation of support tickets (in Jira, for instance) for security incidents, ensuring critical and high-risk alerts are addressed immediately. Assigning these incidents to the relevant departments and data owners ensures accountability and prompt resolution. Additionally, identifying the type and location of sensitive data enables organizations to implement precise fixes, reducing exposure risks.
Risk Management and Process Improvement
Permissioning is equally important and organizations must establish clear procedures and policies for managing authentication credentials. Different actions for different levels of risk to ensure no business interruption is applicable in most cases. This can vary from easy, quick access revocation for low-risk cases while requiring manual verification for critical credentials.
Furthermore, proper data storage is an important protection factor, given sovereignty regulations, data proliferation, etc. Implementing well-defined data mapping strategies and systematically applying proper hygiene and ensuring correct locations will minimize security gaps. For the future, Sapir envisions smart data mapping within O365 and deeper integrations with automated remediation workflow tools to further enhance security posture.
Continuous Review and Training
Sapir also suggests that to ensure compliance and effective security management, organizations should conduct monthly security reviews. These reviews help define when to close or suppress alerts, preventing unnecessary effort on minor issues. Additionally, policies should align with infrastructure security and regulatory compliance requirements such as GDPR, PCI and SOC2. Expanding security training programs is another essential step, equipping users with the knowledge on proper storage and handling of controlled data and how to avoid common security missteps. Empowering users to self-police/self-remediate allows lean security teams to scale data protection operations more efficiently.
Enhancing Communication and Future Improvements
Operationalizing data security is an ongoing effort that blends automation, process refinement, and user education. As Global-e’s experience shows, empowering users and data owners to self-protect and self-remediate sensitive data allows security teams to scale their impact while maintaining strong compliance and governance.
Since implementing Sentra’s DSPM solution, Global-e has significantly strengthened its cloud data security posture. The organization now has greater visibility into sensitive data exposure, faster remediation workflows, and reduced operational overhead for its security, IT, DevOps, and engineering teams - all while remaining compliant with global regulatory requirements.
By shifting data security closer to the people who create and use the data, and supporting them with the right DSPM tools and automation, organizations can reduce risk, improve efficiency, and build a culture of shared responsibility for data protection. User-driven data security isn’t just more scalable, it’s a competitive advantage.
<blogcta-big>
Ran is a passionate product and customer success leader with over 12 years of experience in the cybersecurity sector. He combines extensive technical knowledge with a strong passion for product innovation, research and development (R&D), and customer success to deliver robust, user-centric security solutions. His leadership journey is marked by proven managerial skills, having spearheaded multidisciplinary teams towards achieving groundbreaking innovations and fostering a culture of excellence. He started at Sentra as a Senior Product Manager and is currently the Head of Technical Account Management, located in NYC.
