Beyond the Public Cloud: Expanding our DSPM to SaaS and On-Prem File-share

Yotam Ben EzraYotam Ben Ezra
table of contents
Beyond the Public Cloud: Expanding our DSPM to SaaS and On-Prem File-share

The path to the cloud isn’t straightforward. Most IT leaders will tell you that the cloud is the future enterprise data - but in the present, you won’t necessarily find every relevant dataset or document in a well-cataloged cloud data store. Right now, data is all over the place: CSP-managed services, SaaS applications, on-premises shared network drives, and cloud collaboration services.

This further complicates life for CISOs and data security teams. The complexity and fragmentation of cloud environments have made it harder than ever before to find and monitor sensitive data; and the same overworked teams need to maintain separate security tooling to address the sensitive data being collected, generated, and stored outside of the cloud.

Today we are announcing a significant expansion to our platform meant to address the challenges of today’s hybrid environments. In addition to the three large CSPs and Snowflake, Dig Security can now be deployed to protect data in SaaS applications (starting with Microsoft365) and on-premises environments (starting with file shares).

Dig’s current coverage (more coming soon!)

Dig for On prem File Share

What this move is all about, and how it aligns with our vision

Dig is a cloud-native company and a cloud-native platform, and that’s not going to change. We are committed to providing an agentless solution that provides the plug-and-play, short-time-to-value experience that security professionals expect from modern software.

However, we are first and foremost a data-centric and customer-centric company. Our mission is to help enterprises understand and protect their sensitive data, which opens the door for faster adoption of cloud, analytics, and AI technologies. This means meeting customers where they are today, rather than where they will be in five years time - and providing a solution that can support them before, during, and after their migration to the cloud.

In this context, another theme that we keep encountering is consolidation. Security teams don’t want to manage (and pay for) half a dozen tools to cover every location where they store data. With today’s release, we have taken a major step towards our vision of unified data security and compliance - where policies are managed from a single platform, rather than a patchwork of partial solutions. The potential savings in cost and complexity are obvious.

Data security and GRC teams need a holistic view of the data they are tasked with protecting (such as customer PII and developer secrets) – whether that data is stored in a CSV in OneDrive or in an unmanaged MySQL database. Dig is intent on becoming that single pane of glass.

Introducing our new solutions

Dig for Microsoft365 

The problem: Microsoft365, OneDrive, and SharePoint Online can become a mess of unprotected sensitive data and tangled permissions. Trade secrets, financial information, or customer PII can hide amongst thousands of documents, which can easily be shared internally or externally.

The solution: Dig gives you transparency into which sensitive data is stored where, how it’s labeled, and who can access it: 

  • Discover sensitive data across any number of OneDrive accounts and SharePoint sites, including in PDF and image files.
  • See who has access to documents that contain security- or compliance-related data, as well as active links that grant access to these documents.
  • Audit your organizational classification and RMS encryption scheme - Dig integrates with Azure Information Protection to find mis-labeled files and improve your labeling conventions

Learn more about Dig for Microsoft 365.

Dig for File Shares

The problem: File shares accumulate millions of documents, a fraction of which will contain sensitive data such as trade secrets or employee details. Labeling and naming conventions are often poorly enforced or documented; nested permissions to folders and files can become nearly impossible to untangle. Businesses are unable to answer the key security questions around sensitive data, access, and exfiltration.

The solution: Dig scans and classifies the documents in your on-prem file shares, and gives you immediate insight into the topography and governance of your shared folders:

  • Contextualize and prioritize data risks hiding in millions of unstructured documents, without installing agents
  • Gain visibility into how sensitive data is stored and shared - Dig lets you make sense of the convoluted mess of permissions and understand who can access what at a glance
  • Migrate workloads securely with uniform policies across hybrid, cloud, and on-premises environments - manage on-prem and cloud data monitoring from the same platform.

Learn more about Dig for on-prem file shares.

What’s next for Dig?

Without veering into cliche territory, it’s clear that the technology landscape is changing rapidly:

  • Processes such as cloud migration, digital transformation, and data democratization are picking up pace as companies look to operationalize the data they collect. 
  • Ambitious data projects need to be managed within an increasingly scrutinous regulatory environment and at a time of heightened awareness around privacy and data protection among consumers. 
  • Generative AI has captured the imaginations of many, but LLMs pose their own set of challenges

Every innovation and transformation introduces new threat vectors. Our customers expect us to help de-risk their journey to evaluate, adopt, and scale their use of cutting-edge technologies. In order to do so, we will continue following the data - wherever it is right now, and wherever it’s going in the future. Expect some more news soon!


No items found.

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed consectetur do eiusmod tempor incididunt eiusmod.