DLP Strategies Protect Human Identities but Ignore Machine Identities

October 24, 2018 | Diederik Klijn

A lot of companies have implemented data leakage protection (DLP) solutions that are designed to protect against the leakage of personal (human) information. For example, most DLP solutions are optimized to protect personally identifiable information (PII) and classified or business-critical information shared (un)intentionally by employees. These products also ship with many default templates that help customers comply with all kinds of regulations, like PCI or HIPAA, that are designed to protect personal information.

But what many organizations fail to consider is that most DLP products also include the ability to recognize the leakage of machine identities, such as private keys. In many ways, these machine identities are just as valuable as (and arguably more valuable than) human identities.

Machine identities control the safe and private communications between machines as well as between humans and machines. If cyber criminals gain access to machine identities, then they can create covert channels that allow them to exfiltrate data under the cover of encryption. And while these encrypted tunnels are indeed nefarious, they use bona fide machine identities so they will appear to be legitimate.

That is why it is critical that organizations extend their DLP capabilities to include monitoring for machine identities. But the sad reality is that, in a lot of cases, organizations do not treat the leakage of machine identities as part of their DLP policy.
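As an added illustration of what such a policy looks like in practice (example code, not from the original post or a Venafi product), the rule below flags outbound content carrying a PEM-encoded private key while letting public artifacts such as certificates pass, and redacts the key body so the DLP incident record does not itself become a leak. All sample messages are constructed placeholders, not real keys.

```python
import re
from dataclasses import dataclass, field

# PEM labels under which private keys are commonly stored (RSA, EC, DSA,
# OpenSSH, PKCS#8 plain and encrypted). The backreference \1 requires the
# END marker to carry the same label as the BEGIN marker.
PEM_LABELS = r"(?:RSA |EC |DSA |OPENSSH |ENCRYPTED )?PRIVATE KEY"
PRIVATE_KEY_RE = re.compile(
    rf"-----BEGIN ({PEM_LABELS})-----(.*?)-----END \1-----", re.DOTALL
)


@dataclass
class Verdict:
    action: str                      # "block" or "allow"
    key_types: list = field(default_factory=list)  # PEM labels found
    redacted: str = ""               # safe copy of the content for the incident log


def inspect(content: str) -> Verdict:
    """Apply the machine-identity DLP rule to one outbound message or file body."""
    labels = [m.group(1) for m in PRIVATE_KEY_RE.finditer(content)]
    if not labels:
        # Certificates and public keys are PEM too, but they are not secrets;
        # blocking them would break legitimate certificate exchange.
        return Verdict("allow", [], content)
    # Keep the markers (useful evidence) but never copy key material into the alert.
    redacted = PRIVATE_KEY_RE.sub(
        lambda m: f"-----BEGIN {m.group(1)}-----[REDACTED]-----END {m.group(1)}-----",
        content,
    )
    return Verdict("block", labels, redacted)


# Constructed sample traffic (placeholder bodies, not real key material).
SAMPLE_LEAK = (
    "Hi, attaching the server key so you can test on your laptop:\n"
    "-----BEGIN RSA PRIVATE KEY-----\n"
    "MIIBOgIBAAJBAPLACEHOLDERbodyNOTaREALkey000000000000000000000000\n"
    "-----END RSA PRIVATE KEY-----\n"
)
SAMPLE_SSH = (
    "-----BEGIN OPENSSH PRIVATE KEY-----\nb3BlbnNzaC1PLACEHOLDER\n"
    "-----END OPENSSH PRIVATE KEY-----\n"
)
SAMPLE_CERT = "-----BEGIN CERTIFICATE-----\nMIICPLACEHOLDERcert\n-----END CERTIFICATE-----\n"
SAMPLE_PLAIN = "Quarterly numbers attached, nothing sensitive here."

if __name__ == "__main__":
    for name, body in [("leak", SAMPLE_LEAK), ("ssh", SAMPLE_SSH), ("cert", SAMPLE_CERT)]:
        v = inspect(body)
        print(name, v.action, v.key_types)
```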

The fact that most organizations do not prioritize machine identities as part of their DLP efforts confirms a suspicion that I have long harbored: that machine identities are not on the radar of the people who are protecting key assets. This general ignorance begs the question, “why aren’t the keys to the crown jewels better protected?” In other words, why would organizations pay so much attention to preventing the unauthorized flow of personal data from the enterprise, yet so little attention to protecting the machine identities that would allow attackers to disguise the illicit flow of that privileged personal data?

Ironically, one of the best ways to protect human identities is by protecting machine identities. Indeed, once an underlying machine is compromised, cyber criminals may (in most cases) gain access to the critical personal data that it contains. Once this data is accessible, the attackers will find a way to hide it in all kinds of (encrypted) protocols and exfiltrate it from the network, as we have seen recently. And, as I mentioned above, they will often misuse machine identities to do so.

Given the significant role that machine identities play in protecting data that resides on machines, my advice to organizations would be to check whether machine identities are a significant part of their DLP policies.

After all, what is the value in trying to protect user data leaving the network, if you don’t protect the identity of the machines on which the data resides?

About the author

Diederik Klijn
Diederik Klijn

Diederik is a Sales Manager for Northern Europe at Venafi. He is currently leveraging his two decades of experience in IT Security to solve cybersecurity challenges revolving around machine identities in northern Europe.
