Data Loss Prevention (DLP)

Discover, monitor and control how data is being used in your organization based on identity, device, behavior, browser, location, activity, and threat context. Establish data security policies that are appropriate for your enterprise without hindering productivity.

• Decodes the modern language of the cloud (i.e. APIs, JSON, Protobuf) to identify sensitive data, threats and user activities in real-time across thousands of cloud applications.
• Enables the safe use and control of unmanaged applications to maintain productivity.
• Supports advanced DLP capabilities to uncover and stop risky activity, such as:
  • Public sharing of files from cloud applications
  • The uploading of sensitive data to unmanaged, “shadow IT” cloud applications
  • The downloading of sensitive data to personal, unmanaged devices
  • The exfiltration of sensitive data from a business email to a personal email account
• Enhances advanced threat protection (ATP) to prevent cloud-enabled threats, phishing attacks on SaaS, and detect malicious activity.

Obtain contextual awareness of content being used in the cloud, provide real-time coaching against risky activities, and effectively protect your sensitive data no matter where it is by restricting unauthorized activity.

• Offers 40+ predefined regulatory and best practices compliance templates that are customizable
• Uses 3000+ language-independent data identifiers to inspect 1500+ file types
• Identifies and blocks user attempts to upload data to an unmanaged storage bucket or blob, whether via the cloud provider’s GUI or via copy and sync in the CLI
• Feeds API-based insights into Netskope One Platform policies for inline enforcement
• Delivers advanced protection with metadata analysis, file and binary fingerprinting, exact data matching and Optical Character Recognition (OCR)
• Uses machine learning enhanced scanning and classification for high efficiency and accuracy, enabling sensitive data to be identified and blocked from exfiltration in documents (e.g. patents, tax forms) and images (e.g. screenshots, driver licenses, passports, whiteboard images) without relying on traditional regular expressions and pattern matching, which are prone to false positives and false negatives.
• Train Your Own Classifier (TYOC) enables customers to train machine learning models on data types of their choice to go beyond the defined document and image classifiers provided.

Readily find and respond to policy violations in structured and unstructured data, webmail, social media posts, instant messages, and more. Quickly follow up to DLP violations and incidents with intuitive end-to-end workflows or third-party integrations.

• Utilize closed-loop administrative and remediation workflows to secure content instantly on demand
• Customize incident workflows: assign incidents, change progress status & override severity levels
• View both violations and excerpts of original content
• Perform investigations and analysis with comprehensive, deep activity audit trails – assign owners, track progress, and mark as resolved
• Use flexible policy response actions for Block, Quarantine, Encrypt, Alert and Coach users
• Provide Coaching to alert and warn end users about risky activity
• Access detailed metadata for a comprehensive view of alerts
• Establish customizable role-based access controls (RBAC).

Protect sensitive data and maintain data privacy by encrypting content to ensure that you always have full control. Files are encrypted in real-time without impacting user productivity.

Netskope enables you to protect your sensitive content as it leaves your organization’s perimeter and moves into cloud storage applications like Google Drive and Microsoft OneDrive, allowing you to retain full control of it.

• Netskope provides AES-256 strong encryption with a per-file key controlled by fault-tolerant, FIPS 140-2 Level 3 certified HSMs
• Files can be selectively encrypted in flight or encrypted as they are stored in the cloud storage application
• Optionally, you can integrate Netskope Encryption with your on-premises, KMIP-compliant key management system to ensure that you retain control of the keys and their lifecycle.

The Netskope NewEdge network is the world largest private SASE cloud and powers the real-time, inline security services of the Netskope One Platform allowing SASE services to be deployed at the edge where and when it’s needed.

Netskope NewEdge network is a carrier-class global network that provides the foundation for all Netskope One products and technologies.

• Netskope solutions like DLP, Next Gen SWG, ZTNA and ATP run on the NewEdge network to provide maximum performance and efficacy worldwide.
• Provides a massively over-provisioned, highly elastic cloud, built for scale and designed for data protection
• Presents no performance trade-offs, allowing security to be deployed at the edge where and when it’s needed
• Offers a unified network accessible to every customer with all security services available, no regional surcharges
• Avoids the reliance on public cloud infrastructure
• Provides full compute at every service point for real-time inline processing – no virtual points of presence (vPOPs)
• Utilizes extensive partnerships representing 300+ network adjacencies, including direct Microsoft and Google peering at every data center
• Delivers a future-proof, SASE-ready architecture with breadth and depth at cloud scale.