California Consumer Privacy Act (CCPA)
The CCPA gives California residents the right to know what personal information a business keeps about them, understand how it gets used, and then prevent or delete the collection of their personal information. The California Privacy Rights Act (CPRA) extended CCPA to cover California-based employees, contractors, and emergency contacts. In...
Cloud data governance
Cloud data governance encompasses all principles, policies, and procedures for managing data in cloud environments. It focuses on managing the privacy of data according to regulatory compliance requirements and industry standards; mitigating data risk; and ensuring data is accurate, available and usable across the organization. Cloud data governance should enable...
Cloud data loss prevention (DLP)
Sometimes called cloud data leak protection, Cloud DLP refers to the technology and processes used to safeguard sensitive data against internal and external threats. These solutions continuously monitor the usage and movement of data and alert security teams about potential losses or breaches.
Cloud security assessment
A cloud security assessment evaluates a business's cloud infrastructure's risks, vulnerabilities, and existing security controls. Cloud security assessments are important because they help companies understand their cloud risks and take steps to remediate them.
Cloud security posture management (CSPM)
Cloud security posture management focuses on continuously monitoring and assessing the security posture of cloud infrastructure. CSPM platforms scan for potential cloud infrastructure risks such as misconfigurations, vulnerabilities or overly-permissive access control. Because they focus on the infrastructure of cloud environments, CSPM platforms lack the ability to do robust data...
Cloud transformation
Cloud transformation is the process of migrating traditionally on-prem techniques and tools into a cloud environment. Many businesses move their data, applications, and infrastructure to the cloud because it supports increased flexibility and speed. While beneficial in many ways, cloud transformation also brings new security risks such as misconfigurations, unauthorized...
Cloud-native security
Cloud-native security is a set of processes and solutions that secure the various aspects of an organization’s operations and data in the cloud. It encompasses the company’s entire cloud ecosystem, including application development and data storage. Unlike legacy security platforms, cloud-native security solutions typically employ built-in cloud services (i.e., APIs,...
Compliance automation
A compliance automation solution helps organizations align with privacy, governance and security requirements from internal and external stakeholders. It continuously reviews business processes to ensure compliance with regulations. Compliance automation provides a more effective and comprehensive approach than establishing and enforcing policies manually.
Compliance monitoring
Compliance monitoring means reviewing an organization’s routine functions and ensuring they are in alignment with compliance policies and procedures. Organizations can use a combination of manual tasks and automated solutions, such as a policy enforcement engine, to implement compliance monitoring.