Empowering Users to Self-Protect Their Data
%202.webp)
In today’s fast-evolving cybersecurity landscape, organizations must not only deploy sophisticated security tools but also empower users to self-protect. Operationalizing this data security requires a proactive approach that integrates automation, streamlined processes, and user education. A recent discussion with Sapir Gottdiner, Cyber Security Architect at Global-e, highlighted key strategies to enhance data security by addressing alert management, sensitive data exposure, and user-driven security measures.
As a provider of end-to-end e-commerce solutions that combine localization capabilities, business intelligence, and logistics for streamlined international expansion, Global-e makes cross-border sales as simple as domestic ones. The chosen partner of leading brands and retailers across the USA, Europe and Asia, Global-e sets the standard of global e-commerce. This requires a strong commitment to security and compliance, and Global-e must comply with a number of strict regulations.
Automating Security Tasks for Efficiency
“One of the primary challenges faced by any security team is keeping pace with the volume of security alerts and the effort required to address them”, said Sapir. Automating human resource-constrained tasks is crucial for efficiency. For example, sensitive data should only exist in certain controlled environments, as improper data handling can lead to vulnerabilities. By leveraging DSPM which acts as a validation tool, organizations can automate the detection of sensitive information stored in incorrect locations and initiate remediation processes without human intervention.
Strengthening Sensitive Data Protection
A concern identified in the discussion was data accessible to unauthorized personnel in Microsoft OneDrive, that may contain sensitive information. To mitigate this, organizations should automate the creation of support tickets (in Jira, for instance) for security incidents, ensuring critical and high-risk alerts are addressed immediately. Assigning these incidents to the relevant departments and data owners ensures accountability and prompt resolution. Additionally, identifying the type and location of sensitive data enables organizations to implement precise fixes, reducing exposure risks.
Risk Management and Process Improvement
Permissioning is equally important and organizations must establish clear procedures and policies for managing authentication credentials. Different actions for different levels of risk to ensure no business interruption is applicable in most cases. This can vary from easy, quick access revocation for low-risk cases while requiring manual verification for critical credentials.
Furthermore, proper data storage is an important protection factor, given sovereignty regulations, data proliferation, etc. Implementing well-defined data mapping strategies and systematically applying proper hygiene and ensuring correct locations will minimize security gaps. For the future, Sapir envisions smart data mapping within O365 and deeper integrations with automated remediation workflow tools to further enhance security posture.
Continuous Review and Training
Sapir also suggests that to ensure compliance and effective security management, organizations should conduct monthly security reviews. These reviews help define when to close or suppress alerts, preventing unnecessary effort on minor issues. Additionally, policies should align with infrastructure security and regulatory compliance requirements such as GDPR, PCI and SOC2. Expanding security training programs is another essential step, equipping users with the knowledge on proper storage and handling of controlled data and how to avoid common security missteps. Empowering users to self-police/self-remediate allows lean security teams to scale data protection operations more efficiently.
Enhancing Communication and Future Improvements
Streamlined communication between security platforms, such as Jira and Microsoft Teams, can significantly improve incident resolution. Automating alert closures based on predefined criteria will reduce the workload on security teams. Addressing existing bugs, such as shadow IT detection issues, will further refine security processes. By fostering a culture of proactive security and leveraging automation, organizations can empower users to self-protect, ensuring a robust defense against evolving cyber threats.
Operationalizing data security is an ongoing effort that blends automation, user education, and process refinement. By taking a strategic user-enablement approach, organizations can create a security-aware culture while minimizing risks and optimizing their security response. Since implementing Sentra’s DSPM solution, Global-e has seen significant improvement in the strength of its data security posture. The company is now able to protect its cloud data more effectively, saving its security, IT, DevOps and engineering teams time, and ensuring it remains compliant with regulatory requirements. Empowering users and data owners to take responsibility for their data security, and providing the right tools to do so easily, is a game changer to the organization.
<blogcta-big>
Ran is a passionate product and customer success leader with over 12 years of experience in the cybersecurity sector. He combines extensive technical knowledge with a strong passion for product innovation, research and development (R&D), and customer success to deliver robust, user-centric security solutions. His leadership journey is marked by proven managerial skills, having spearheaded multidisciplinary teams towards achieving groundbreaking innovations and fostering a culture of excellence. He started at Sentra as a senior product manager, and is currently Sentra's senior technical account manager in NYC.
