Protecting Data in the Cloud with Encryption

Earlier this year, we announced our intention to deliver context-aware encryption for enterprise cloud apps. It is our pleasure to introduce Netskope Active Encryption, the industry’s only solution that protects data in fine-grained context, including user group, location, device, app or category, activity, and content. Unlike solutions for which encryption in the cloud is an all-or-nothing proposition, Netskope lets you narrow the aperture of data that needs protection so you can target the real risks in your organization without having to necessarily encrypt everything.

Netskope Active Encryption uses AES 256-bit encryption for data-at-rest that are being uploaded to, downloaded from, or discovered within cloud apps. In addition to having fine-grained contextual controls available in the Netskope Active Platform, customers can also enable encryption for content that matches the organization’s data loss prevention (DLP) profile, including personally-identifiable information, electronic personal health information, payment card information, profanity, and even custom regular expressions defined by the organization.

Beyond standard encryption, we are pleased to announce the release of a highly secure and fault tolerant in-the-cloud key management solution that is FIPS 140-2 level 3 certified with integrated hardware security module (HSM).  Our in-the-cloud key management solution is included with your purchase of Netskope Active Encryption. Besides providing our own key management, we will also integrate with enterprises’ existing key managers that support the Key Management Interoperability Protocol (KMIP). This helps organizations get the most out of their existing investments and manage all of their encryption keys centrally and in-line with corporate policies.

A few use cases that we uniquely enable include:

• A bio-pharmaceutical company can enforce a policy that says any file containing electronic personal health information must be encrypted upon upload to any data & analysis app.
• An investment bank can enforce a policy that says any existing folder in a cloud app containing M&A deal data based on the bank’s custom regular expression profile must be encrypted, and can only be shared within a collaboration group.
• An insurance company can enforce a policy that says any file being uploaded by an insurance adjuster from a mobile device into a cloud storage app must be encrypted.

We are excited to deliver this new offering and look forward to continue working with our customers as they enable safe cloud adoption for their users and business.