Cloud security DLP at a glance
Ransomware, phishing, and malware are persistent and ever-evolving threats that today’s remote workspaces need to consider. The shift to a remote-first office, which for many has become permanent, has meant that companies need to be better equipped to protect their data in the cloud.
Today, more than 45% of malware is delivered via the cloud. To protect against modern security threats like data exfiltration, data leakage, and other types of sensitive data and secrets exposure, companies are turning to data loss prevention (DLP) and cloud access security brokers (CASBs). Choosing the right solution is critical to minimizing security blind spots and enforcing consistent security across devices.
[Read more: Cloud-native as the Future of Data Loss Prevention]
Today we’ll cover some of the top solutions to help keep your organization’s sensitive cloud data secure: Netskope and Nightfall. Here are the two providers at a glance:
NightfallNetskopeProductCloud DLPCASBImplementationVia APIOptions range from API connectors for managed apps to inline options.RemediationMachine learning detection, can be fully automated with workflowsVia the Netskope Security CloudComplianceGDPR, CCPA, HIPAA, and PCI-DSS and more SOC 2, ISO 27001, CCPA and more Application CoverageSlack, GitHub, Google Drive, Jira, Confluence, Salesforce, Gmail, Fluent Bit, Cribl, Hanzo E-discovery, and any custom app via the Nightfall Developer PlatformNetskope’s cloud app coverage includes SaaS applications like Box, Dropbox, Google Drive, Slack, and Facebook WorkplaceDetectorsPII, PHI, PCI, Secrets, Keys, Credentials, and more within text, messages, images (via OCR), and dozens of file typesDecodes and inspects traffic such as unmanaged cloud services, sync clients, mobile apps, and TLS-encrypted cloud services and websites, to identify and address threats. Offers fingerprinting to provide customization in data detection.
What is Netskope?
Netskope’s cloud security platform and product suite offer unified capabilities for data and threat protection, as well as secure private access. Netskope is a Secure Service Edge (SSE), a set of security services that converge to enable SASE architecture.
Netskope’s solutions, including the Netskope Intelligent Security Service Edge (SSE), are built on the Netskope Security Cloud. Netskope’s products include:
- Security Service Edge (SSE)
- Next Gen Secure Web Gateway (SWG)
- Cloud Access Security Broker (CASB)
- Cloud Exchange
- Private Access for ZTNA
- Public Cloud Security
- Advanced Analytics
- Cloud Firewall
- Digital Experience Management
- Remote Browser Isolation
- SaaS Security Posture Management (SSPM)
- IoT Security
As an integrated security service, Netskope provides many options for users, but can be time-consuming to set up and configure. Additionally, Netskope’s DLP is predominately limited to inline coverage for data in motion between cloud services and endpoints. DLP implemented in this way cannot benefit from machine learning detection, as it’s too computationally expensive to deploy over proxies.
To overcome this limitation, some Nightfall customers use Netskope in tandem with our cloud layer DLP solution.
Nightfall: The best solution to fully protect cloud data
Nightfall is cloud-native data loss prevention that integrates with common, popular cloud programs such as Slack and AWS using APIs.
Nightfall is the industry’s first and only cloud DLP solution that deploys machine learning-trained detectors to automatically scan 150+ types of PII, PHI, PCI, credentials, secrets and more. Cloud DLP can fill in where CASBs fall short, connecting with cloud applications through APIs and giving application-layer visibility to security teams who need to remediate data security incidents in the cloud.
[Read more: 4 Ways CASBs Differ from Cloud DLP]
Through APIs, Nightfall integrates deeply into cloud applications including Confluence, GitHub, Jira, Slack, Salesforce, Google Drive, and more. Our platform’s interface makes it easy to customize and configure detections for the data you wish to protect.
Nightfall is built to help large enterprises not only protect valuable information, but also stay compliant with regimes like HIPAA, GDPR, and CCPA. Perhaps most critically, we provide tools to help coach users on safe and compliant behavior.
Block the sharing of a PDF file in Slack, alert on the download of PII from Salesforce, protect IP in Github, Confluent, or Jira, and the list goes on. For example, set up Nightfall to alert users, "You are uploading a sensitive document to Slack. We have a corporate account with Box, and here is the URL to sign in."
Nightfall’s developer platform enables organizations to protect any type of data in any app. Our set of APIs classifies & protects sensitive data, like PII and credentials in your app or service. In minutes, developers can sign up for free, determine what data they seek to detect — either from our high-accuracy detectors or their own — and scan text & files using our SDKs or API with methods to detect & de-identify sensitive data.
Nightfall has significant funding, operating history, and backing by leadership from Atlassian, Okta, and more; and executive leadership from Uber, Salesforce, Carta, Microsoft, Box, Slack. We provide a dedicated customer success manager, solutions architect, help center, and support.
Learn more about Nightfall’s cloud DLP capabilities by scheduling a call with one of our experts at the link below.