Solved: Security Advisor for data protection vs. DLP

chrismc

I'm curious if there is any guidance regarding a new feature called "Security Advisor for data protection". I've read the support article, so please don't point me there, but would like to know how this fits alongside DLP rules. Is this new service going to replace DLP? Is it "DLP lite"? Does this service offer alternative protections to DLP? In general, why does this new service exist? Thank you.

KevinApodaca

No, this is not a replacement of DLP, see the wording from the blog post

Small businesses frequently lack the time, resources, and expertise that larger organizations have to implement robust security measures. As a result, threat actors often perceive these organizations as easier targets.

To help small businesses, we’re introducing security advisor, a set of new insights and tools designed to enhance security for small businesses – including threat defense, account security, and data protection capabilities. Security advisor offers tailored security insights, actionable guidance in the admin console, and simplified data protection controls — all to help businesses keep their customer data safe.

With security advisor, applying security settings is easier than before and the recommended settings can be easily adopted and customized to meet the specific needs of each organization in just a few steps. This helps organizations elevate their security posture, helps their IT team be more efficient by simplifying admin work, and helps reduce the risk of misconfigured security settings with a guided, in-app experience in the Admin console.

DLP continues to exist for anything that falls out of this scope, or wherever you need more customized rules.

View solution in original post

KevinApodaca

No, this is not a replacement of DLP, see the wording from the blog post

Small businesses frequently lack the time, resources, and expertise that larger organizations have to implement robust security measures. As a result, threat actors often perceive these organizations as easier targets.

To help small businesses, we’re introducing security advisor, a set of new insights and tools designed to enhance security for small businesses – including threat defense, account security, and data protection capabilities. Security advisor offers tailored security insights, actionable guidance in the admin console, and simplified data protection controls — all to help businesses keep their customer data safe.

With security advisor, applying security settings is easier than before and the recommended settings can be easily adopted and customized to meet the specific needs of each organization in just a few steps. This helps organizations elevate their security posture, helps their IT team be more efficient by simplifying admin work, and helps reduce the risk of misconfigured security settings with a guided, in-app experience in the Admin console.

DLP continues to exist for anything that falls out of this scope, or wherever you need more customized rules.

YuWei

From my experience, Security Advisor is a great starting point, especially for smaller orgs. It gives you a solid overview of where things might need tightening, but like others said, it doesn’t go as deep as full DLP.

One thing I’d add—something we’ve learned the hard way—is that neither of these really help much if data gets deleted or hit by ransomware. For that, we’ve started using a backup tool (we went with CubeBackup, but there are others too) just to have a full copy of everything like Gmail, Drive, and so on. Has definitely given us more peace of mind.Anyway, just thought I’d throw that out there. Always good to have layers when it comes to data protection.