Cyberhaven’s latest features enable real-time enforcement policies based on the full context and history of data. Teams can automatically identify and control high-value data, ensuring that policies follow data even as it is modified, copied and shared across the enterprise. The platform’s blocking capabilities extend even further, preventing risky data sharing to personal cloud storage and encrypted messaging applications as well as local USB media.

Since Cyberhaven’s DDR platform operates well beyond content patterns or binary block/allow functionality like most DLP tools, it can better protect all sensitive enterprise data, whether in-use, in-motion or at-rest, even in locations that were unknown to the security team and regardless of any user evasion tactics. By mapping a complete lineage of data’s movement from inception, organizations have the visibility and control necessary to ensure security policies protect any type of data — even if encrypted — without the need to tag or pre-process it. This visibility and control helps further minimize the risks of data sprawl without sacrificing users’ ability to create, collaborate and maintain privacy.

In the past, organizations have been apprehensive about using DLP data blocking features out of a concern for disrupting productivity and work. DLP regular expressions are highly prone to false positives, while policies from DLP products are often seen as one-sided decrees lacking the fluidity and complexity to truly accommodate the needs of dynamic digital organizations. Conversely, end-users perceive traditional DLP blocking as invasive and disruptive, primarily when used as a means of enforcing newly introduced or previously unknown security policies. Cyberhaven’s blocking methodology remedies those issues by calling upon contextual information, such as provenance, app, user, and content, to enforce policies without frustrating users and overwhelming security teams with false positives from outdated signature models.