Palo Alto Networks introduced Enterprise Data Loss Prevention (DLP)—a cloud-delivered service that brings a fresh, simple and modern approach to data protection, privacy and compliance.
“Data breaches are a huge and growing problem worldwide, but the existing legacy and point solutions are not accessible, appropriate or effective for many of the companies that need them,” said Anand Oswal, senior vice president and general manager, Firewall as a Platform, Palo Alto Networks. “Our new Enterprise DLP solution is powerful; simple to deploy, with no new infrastructure needed; integrates with existing security technologies; and works for companies whether they keep their data in the cloud, on-prem or take a flexible approach.”
The solution helps protect sensitive data at rest and in motion across every network, cloud and user access and effortlessly helps solve three major enterprise data security problems:
- Helps prevent data breaches by automatically identifying confidential intellectual property and personally identifiable information (PII) consistently throughout the entire enterprise.
- Facilitates regulatory compliance by helping enterprises meet data security requirements for the General Data Protection Regulation (GDPR), Payment Card Industry Data Security Standard (PCI DSS), Health Insurance Portability and Accountability Act (HIPAA), California Consumer Privacy Act (CCPA) and many more.
- Inhibits risky user behavior to aid in blocking voluntary or involuntary data exposure and data movement.
As a single centralized cloud service, Palo Alto Networks Enterprise DLP can be deployed across an entire large enterprise in minutes with no need for additional infrastructure. In addition, the service makes it easy to define data protection policies and configurations once and automatically apply them to every network location and cloud where an organization has data. This also makes it easy for security teams to deploy DLP when organizations add new users or branch offices.
Because of its simplified policy engine and natively integration into existing control points, including Palo Alto Networks Next-Generation Firewalls, VM-Series, Prisma Access, Prisma Cloud, and Prisma SaaS, it has the lowest total cost of ownership (TCO) compared to complex legacy DLP products. This combines new and existing DLP offerings into a single comprehensive service, bringing Palo Alto Networks into the enterprise DLP market.
Palo Alto Networks Enterprise DLP can automatically detect sensitive content via advanced machine learning-based data classification and data patterns that leverage over 500+ industry-defined data identifiers. Some examples of these include, but are not limited to, credit card numbers, Social Security numbers and financial records.
Enterprises can use Palo Alto Networks Enterprise DLP in a number of ways:
Visibility: Discover sensitive data; detect and address broken business process, for example, HR sharing unencrypted data with an unapproved external vendor.
Notification: Alert users on violations to raise awareness of corporate policies; for example, show alert when a user is sending PCI data.
Education: Implement target training; for example, identify repeated offenders and train them not to upload proprietary source code to third-party sites.
Protection: Automate data protection and incident response; for example, quarantine sensitive files exposed on cloud storage.
“While we’ve always prioritized the security of sensitive data, we have been looking for a more modern approach to enterprise DLP,” said Joe Pampel, CISO and vice president of Operations at Vestwell. “We were drawn to Palo Alto Networks’ cloud-based service, which eliminates the need for additional deployment.”
“In the face of increasing cloud usage and an expanding remote workforce, cybersecurity teams face a strategic imperative—to protect distributed, in-flight sensitive data assets via a unified approach. The architectural complexity of legacy data protection solutions is still a huge obstacle towards adoption for many organizations,” said Doug Cahill, ESG Vice President and Group Director. “Based on a cloud-native implementation, Palo Alto Networks’ Enterprise Data Loss Prevention (DLP) is designed to protect sensitive data where it moves and lives—at the perimeter, at the edge, and in the cloud.”