To prevent the exfiltration of sensitive data via web storage, which solution is most effective?

The most effective solution to prevent the exfiltration of sensitive data via web storage is to use the firewall to forbid uploads to web storage. This approach directly addresses the potential threat by blocking any attempts to transfer data out of the organization through web-based platforms that utilize storage capabilities, such as cloud services or web applications. By configuring the firewall to restrict these types of uploads, organizations can significantly reduce the risk of sensitive information being leaked or misused through these channels.

Using a firewall in this way enables precise control over the data flow, empowering administrators to enforce data loss prevention (DLP) measures effectively. This method can also be tailored to the organization's specific policies and requirements, allowing for customization based on the types of data being handled and the risks associated with them.

The other options do not provide the same level of direct control over digital data exfiltration pathways. Disconnecting from the internet completely would prevent any web-based interactions, but it is impractical and would hamper all business operations. Utilizing a local shared drive does not inherently prevent data exfiltration; if sensitive data is stored on such a drive, it can still be exfiltrated via unauthorized means unless combined with other security measures. Installing AEP/Cortex XDR could enhance overall endpoint