A Single Partner for Everything You Need Optiv works with more than 450 world-class security technology partners. By putting you at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can.
We Are Optiv Greatness is every team working toward a common goal. Winning in spite of cyber threats and overcoming challenges in spite of them. It’s building for a future that only you can create or simply coming home in time for dinner. However you define greatness, Optiv is in your corner. We manage cyber risk so you can secure your full potential.
Netskope Endpoint DLP Is Here! Breadcrumb Home Insights Blog Netskope Endpoint DLP Is Here! February 2, 2023 Netskope has led the industry with Data Loss Prevention (DLP) capabilities for managed SaaS apps utilizing their CASB API product and for both managed and unmanaged SaaS apps through their Cloud Inline (CASB Inline), NextGen Secure Web Gateway, and Email products. In late 2022, Netskope extended DLP capabilities onto the endpoint with the introduction of endpoint DLP. Legacy Endpoint DLP vs. Netskope Endpoint DLP Endpoint DLP is not a novel or revolutionary technology, but Netskope has implemented a unique method for enforcing data protection for SaaS applications and remote users. Prior to Netskope offering an endpoint DLP capability, an organization would need to split up their DLP protection capabilities across one or more products. Most attempts by legacy solutions have been complex, messy, and not administrative-friendly. In some instances, frustrations with these attempts have pushed organizations to look at alternative solutions. By expanding their DLP technology to the endpoint, Netskope allows organizations to utilize a straightforward cloud-based platform. Additionally, for current Netskope users, it enables the extension of existing DLP policies to the endpoint. Netskope also differs from legacy DLP providers in how they have implemented their endpoint DLP protection. Most legacy providers have rules/policies/profiles applied on the endpoint, where the DLP product keeps a local copy of these items. When a user attempts to interact with data, the endpoint performs all the heavy lifting of inspecting and deciding what to do with the data being copied. In the past, allowing the endpoint to perform the inspection of data made sense. However, as DLP evolved, the number of policies an endpoint had to enforce ultimately had a negative effect on the endpoint and started impacting user experience. Netskope has approached endpoint DLP differently, by sending and inspecting the data in the Netskope’s NewEdge Network, and by not inspecting the data on the endpoint. With this method, end user experience is not impacted. Netskope can also offer extra protection by examining files, such as screenshots and images, which older DLP products would have difficulty inspecting on the endpoint. Initial Release of Endpoint DLP Netskope has launched its first version of Endpoint DLP, which includes Device Control and DLP for USB based on feedback from customers. Device control is an important foundation for enforcing DLP on endpoints. Netskope’s device control allows organizations to create policies to identify approved USB devices, mark devices as read only, or outright block USB devices from being used. Device control policies can be developed based on device manufacturer, serial number, Device ID, or model. Endpoint DLP for USB enhances the basic device control policies by providing alerts or blocks when users copy or write data to USB devices. In some instances, organizations may have approved encrypted USB devices that are permitted by policy. Other organizations may need to allow copying of data to USB devices. But they may want to ensure that only non-sensitive items are allowed to be copied, while certain data such as PII (Personally Identifiable Information), PHI (Protected Health Information), or PCI (Payment Card Industry) data isn’t copied to an unencrypted or unapproved device. Reuse of Existing DLP Policies & Rapid ROI One of the advantages of Netskope is that it has a single management interface for all its products. This feature allows for a fast deployment of endpoint DLP by reusing existing DLP profiles that are already set for use in CASB, email, or web policies for endpoint DLP. Image Picture 1 - Real-Time Protection Policy Example The above Netskope policy is a Real-time Protection Policy example used for CASB, Web, and Email protection. In this policy, we are looking at the cloud application categories of Cloud Storage and Cloud Backup and inspecting uploads. During uploads, Netskope is inspecting the data and looking for DLP violations using custom DLP Profiles that look for unique data that this example customer has defined. Image Picture 2 – A Sample Endpoint DLP Policy In the above Netskope policy, we see a sample policy for endpoint DLP control that uses the same DLP profiles as the Real-time Protection Policy to prevent data that is stored locally on a device from being copied to a USB device. While this example demonstrates the ability to reuse DLP Profiles in an Endpoint DLP policy, these DLP Profiles can be applied in all areas within the Netskope platform—allowing for rapid ROI when extending an organization’s DLP program out to other protection areas. Device Control and USB DLP -- Just the Beginning for Netskope & Endpoint DLP While the initial release of Endpoint DLP is focused on Device Control and DLP for USB, Netskope is not stopping at these capabilities. They will continue to use customer feedback and market drivers to release additional DLP protection capabilities to endpoints in 2023. Copyright © 2024 Optiv Security Inc. All rights reserved. No license, express or implied, to any intellectual property or other content is granted or intended hereby. This blog is provided to you for information purposes only. While the information contained in this site has been obtained from sources believed to be reliable, Optiv disclaims all warranties as to the accuracy, completeness or adequacy of such information. Links to third party sites are provided for your convenience and do not constitute an endorsement by Optiv. These sites may not have the same privacy, security or accessibility standards. Complaints / questions should be directed to Legal@optiv.com By: Matt Frank Partner Architect for Netskope | Optiv Matt is Optiv’s Partner Architect for Netskope, specializing on how Optiv helps customers move to a Secure Access Service Edge (SASE) / Security Service Edge (SSE) architecture utilizing Netskope’s platform. Share: Optiv Security: Secure greatness.® Optiv is the cyber advisory and solutions leader, delivering strategic and technical expertise to nearly 6,000 companies across every major industry. We partner with organizations to advise, deploy and operate complete cybersecurity programs from strategy and managed security services to risk, integration and technology solutions. With clients at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can. At Optiv, we manage cyber risk so you can secure your full potential. For more information, visit www.optiv.com.
Copyright © 2024 Optiv Security Inc. All rights reserved. No license, express or implied, to any intellectual property or other content is granted or intended hereby. This blog is provided to you for information purposes only. While the information contained in this site has been obtained from sources believed to be reliable, Optiv disclaims all warranties as to the accuracy, completeness or adequacy of such information. Links to third party sites are provided for your convenience and do not constitute an endorsement by Optiv. These sites may not have the same privacy, security or accessibility standards. Complaints / questions should be directed to Legal@optiv.com
Optiv Security: Secure greatness.® Optiv is the cyber advisory and solutions leader, delivering strategic and technical expertise to nearly 6,000 companies across every major industry. We partner with organizations to advise, deploy and operate complete cybersecurity programs from strategy and managed security services to risk, integration and technology solutions. With clients at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can. At Optiv, we manage cyber risk so you can secure your full potential. For more information, visit www.optiv.com.
Would you like to speak to an advisor? Let's Talk Cybersecurity Provide your contact information and we will follow-up shortly. Let's Browse Cybersecurity Just looking? Explore how Optiv serves its ~6,000 clients. Show me AI Security Solutions Show me the Optiv brochure Take me to Optiv's Events page Browse all Services