SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Palo Alto Networks launches enterprise data loss prevention service
Thu, 26th Nov 2020
FYI, this story is more than a year old

Palo Alto Networks has introduced Enterprise Data Loss Prevention — a cloud-delivered service for data protection, privacy and compliance.

“Data breaches are a huge and growing problem worldwide, but the existing legacy and point solutions are not accessible, appropriate or effective for many of the companies that need them,” says Anand Oswal, senior vice president and general manager, Firewall as a Platform, Palo Alto Networks.

“Our new Enterprise DLP solution is powerful; simple to deploy, with no new infrastructure needed; integrates with existing security technologies; and works for companies whether they keep their data in the cloud, on-prem or take a flexible approach.

The solution helps protect sensitive data at rest and in motion across every network, cloud and user access and effortlessly helps solve three major enterprise data security problems:

  • Helps prevent data breaches by automatically identifying confidential intellectual property and personally identifiable information (PII) consistently throughout the entire enterprise.
  • Facilitates regulatory compliance by helping enterprises meet data security requirements for the General Data Protection Regulation (GDPR), Payment Card Industry Data Security Standard (PCI DSS), Health Insurance Portability and Accountability Act (HIPAA), California Consumer Privacy Act (CCPA) and many more.
  • Inhibits risky user behaviour to aid in blocking voluntary or involuntary data exposure and data movement.

"As a single centralised cloud service, Palo Alto Networks Enterprise DLP can be deployed across an entire large enterprise in minutes with no need for additional infrastructure," Oswal says.

"In addition, the service makes it easy to define data protection policies and configurations once and automatically apply them to every network location and cloud where an organisation has data. This also makes it easy for security teams to deploy DLP when organisations add new users or branch offices."

Because of its simplified policy engine and natively integration into existing control points, including Palo Alto Networks Next-Generation Firewalls, VM-Series, Prisma Access, Prisma Cloud, and Prisma SaaS, it has the lowest total cost of ownership (TCO) compared to complex legacy DLP products. This combines new and existing DLP offerings into a single comprehensive service, bringing Palo Alto Networks into the enterprise DLP market.

Palo Alto Networks Enterprise DLP can automatically detect sensitive content via advanced machine learning-based data classification and data patterns that leverage over 500+ industry-defined data identifiers. Some examples of these include, but are not limited to, credit card numbers, Social Security numbers and financial records.

Enterprises can use Palo Alto Networks Enterprise DLP in a number of ways:

Visibility: Discover sensitive data; detect and address broken business process, for example, HR sharing unencrypted data with an unapproved external vendor.
Notification: Alert users on violations to raise awareness of corporate policies; for example, show alert when a user is sending PCI data.
Education: Implement target training; for example, identify repeated offenders and train them not to upload proprietary source code to third-party sites.
Protection: Automate data protection and incident response; for example, quarantine sensitive files exposed on cloud storage.