In this episode, host Silas Glines, Solutions Engineer at Cyberhaven, speaks to Zach and Michael about:

• The value of data lineage for IVP’s security program, and why it’s superior to traditional approaches to data security. 
• The importance of building a culture of security by engaging with employees in advance of deploying tools and solutions to secure your environments.
• How solutions leveraging data lineage can make it easier to prove or demonstrate value to stakeholders and partners.
• And much more.

‍

Check out the highlights below, or watch the full discussion here.

Why relying on legacy DLP was ineffective for IVP

In this clip, Zach speaks to the pain of working with traditional security tooling like legacy DLP and SIEMs and how their false positive rate, combined with their limited visibility, ultimately made building a strong data security program a challenge.

“Our DLP solutions were never really told us exactly what was there. Everything was a credit card number. Everything was a Social Security number. And so it just wasn't great. And it was a lot of work to manage.”

– Zack Willis, Senior VP of Technology, IVP

Why understanding user behavior is critical to IVP’s DLP program

Michael briefly talks through how he thinks about the roadmap to building a DLP program. The core aspect that he began with was working with the security organization’s stakeholders to understand their workflow as well as the data sources and applications they leverage in their work in order to get a detailed understanding of how his program might impact their work. This also served to build relationships and buy-in with employees that Michael would have to interact with when building out policies.

“And so I think having that cultural approach to create a sense of pride in our user community to just kind of resonate with us and group along and work with us. Rather, It was very important from the beginning.”

– Michael Traski, Director of Information Technology, IVP

Proving business value to all stakeholders with data lineage

Proving value to stakeholders and partners is something security teams often must do via audits or through other means. Here, Michael talks about the concern that partners have around new technologies like generative AI and asked questions around how his team was addressing that risk. Leveraging the visibility that Cyberhaven provides, he’s able to answer these concerns directly with data, and demonstrate that he’s protecting IVP’s most important data without hampering productivity.

“Customers and partners are holding us accountable because obviously we're going to engage in a very intimate relationship where they're sharing their data with us. So they're really concerned with how we are treating not just our own internal and operational data, but how we treat our investors' data. Right… So now we feel that we have a tool when we actually see data goes out, see data coming in.”

– Michael Traski, Director of Information Technology, IVP

How IVP uses data lineage to avoid the limitations of data classification

Data classification lies at the crux of most security programs. In order to deploy policies, most tools require that content be tagged so that the platform can tell you what data it's triggering on. In this clip, Michael praises the clever inversion of this that data lineage allows for. With data lineage, the platform itself collects information about data that it provides within alerts, like where a file comes from, who has accessed it, and much more. This allows security practitioners to bypass the need to manually classify if they don’t want to, as they’re getting an understanding of the data in their environments in real time, based on how employees are using it.

“With Cyberhaven, we actually find it just extremely refreshing how you guys flipped the whole technology upside down, that you don't require data classification until the data starts moving. So that was just eye-opening. I don't have to do this massive amount of homework before I can even fire off my first policy.”

– Michael Traski, Director of Information Technology, IVP

Using just-in-time education to alter user behavior and organization-wide security culture

One of the most powerful realizations Michael had about Cyberhaven after deploying it is that it would enable him to remain in conversation with employees by allowing them to provide feedback on policies. With Cyberhaven admins like Michael can write just-in-time popups that notify a user about the policy they’re violating before blocking an action. Likewise, the user can respond to the popup to provide a business reason to justify their action and override the policy. This type of feedback allows user behavior to meaningfully be nudged in the right direction over time without frustrating them or getting them to tune out policy or best practices.

“That was like an aha moment to me. It is like, hey, we can actually educate users and let them know why we are doing certain things, why we block certain things … but you can give them an option to explain the behavior and continue to do it. We could still let them know that they violated the policy, and we would see that.”

– Michael Traski, Director of Information Technology, IVP

‍

{{ promo }}

Why IVP has moved beyond simple DLP blocking policies

In this clip, Zach discusses how leveraging data lineage to see data egress has allowed IVP to move beyond blocking access to websites and apps deemed to be for “personal use” like social media and personal Gmail. Because data lineage allows IVP’s security team to actually understand what data is entering and leaving their environments, they don’t have to unilaterally prevent access websites for uses that are ultimately benign.

“And so, you know, from our perspective, at least from my perspective, I don't think blocking isn't necessary at this point. Our users trust us; we trust our users”

– Zack Willis, Senior VP of Technology, IVP

Data lineage has enabled improving success by identifying opportunities for further education

Speaking to the value of data lineage and just-in-time education in IVP’s security program, Zach talks about how powerful it is to be able to quickly identify the causes of incidents in order to personally talk to or coach users who might be violating policy. This means that employees can quickly internalize best practices, which has been reflected in IVP’s decrease in incidents. 

“Certainly being able to go into Cyberhaven and say, last week we had 30 incidents, this week we have ten. And, we've addressed those employees. Now we keep seeing incidents decline. That's a big win.”

– Zack Willis, Senior VP of Technology, IVP

Seeing the bigger picture with a single glance

Because data lineage allows IVP to understand data flows, Michael is able to see patterns emerge really quickly, allowing him to immediately know what to prioritize at a given time. Michael says that this is something he was unable to accomplish with traditional data protection solutions, which would simply report a single dimension, like the content or type of data triggering policies. Having this bigger picture has increased the efficacy of IVP’s data policies and saved Michael’s team time.

“I think this is a really incredible time-saving way of managing data security.”

– Michael Traski, Director of Information Technology, IVP

Learn from the industry’s top-notch security innovators

If you enjoyed this recap, make sure you join us for our next installment of the Data Security Innovator series by subscribing to our blog.