close
close
Your Network of Tomorrow
Your Network of Tomorrow
Plan your path toward a faster, more secure, and more resilient network designed for the applications and users that you support.
          Experience Netskope
          Get Hands-on With the Netskope Platform
          Here's your chance to experience the Netskope One single-cloud platform first-hand. Sign up for self-paced, hands-on labs, join us for monthly live product demos, take a free test drive of Netskope Private Access, or join us for a live, instructor-led workshops.
            A Leader in SSE. Now a Leader in Single-Vendor SASE.
            A Leader in SSE. Now a Leader in Single-Vendor SASE.
            Netskope debuts as a Leader in the Gartner® Magic Quadrant™ for Single-Vendor SASE
              Securing Generative AI for Dummies
              Securing Generative AI for Dummies
              Learn how your organization can balance the innovative potential of generative AI with robust data security practices.
                Modern data loss prevention (DLP) for Dummies eBook
                Modern Data Loss Prevention (DLP) for Dummies
                Get tips and tricks for transitioning to a cloud-delivered DLP.
                  Modern SD-WAN for SASE Dummies Book
                  Modern SD-WAN for SASE Dummies
                  Stop playing catch up with your networking architecture
                    Understanding where the risk lies
                    Advanced Analytics transforms the way security operations teams apply data-driven insights to implement better policies. With Advanced Analytics, you can identify trends, zero in on areas of concern and use the data to take action.
                        The 6 Most Compelling Use Cases for Complete Legacy VPN Replacement
                        The 6 Most Compelling Use Cases for Complete Legacy VPN Replacement
                        Netskope One Private Access is the only solution that allows you to retire your VPN for good.
                          Colgate-Palmolive Safeguards its "Intellectual Property” with Smart and Adaptable Data Protection
                          Colgate-Palmolive Safeguards its "Intellectual Property” with Smart and Adaptable Data Protection
                            Netskope GovCloud
                            Netskope achieves FedRAMP High Authorization
                            Choose Netskope GovCloud to accelerate your agency’s transformation.
                              Let's Do Great Things Together
                              Netskope’s partner-centric go-to-market strategy enables our partners to maximize their growth and profitability while transforming enterprise security.
                                Netskope solutions
                                Netskope Cloud Exchange
                                Netskope Cloud Exchange (CE) provides customers with powerful integration tools to leverage investments across their security posture.
                                  Netskope Technical Support
                                  Netskope Technical Support
                                  Our qualified support engineers are located worldwide and have diverse backgrounds in cloud security, networking, virtualization, content delivery, and software development, ensuring timely and quality technical assistance
                                    Netskope video
                                    Netskope Training
                                    Netskope training will help you become a cloud security expert. We are here to help you secure your digital transformation journey and make the most of your cloud, web, and private applications.

                                      Europe, Cloud, Safe Harbor, and Pending Legislation: Four Steps You Must Take Now

                                      Oct 12 2015
                                      Tags
                                      Cloud Best Practices
                                      Cloud Encryption
                                      Cloud Security
                                      Compliance
                                      GDPR
                                      Tools and Tips

                                      The recent European Court of Justice’s invalidation of the US-EU Safe Harbor as complying with the EU Directive on the protection of personal data is a foreboding precursor to the passing of the European Commission’s pending General Data Protection Legislation (GDPR).

                                      Both rulings have huge implications for how businesses around the world use, store, and move people’s private data, and there’s a lot of talk out there in the media about it. But there’s something missing: what this legislation means given the uncontrolled growth of cloud apps and shadow IT.

                                      Here’s the issue: Every line of business and every individual in every organization is using cloud apps. OK, that’s a slight exaggeration, but not by a lot. Here’s what we know. The average organization has 755 cloud apps in use (in Europe, it’s slightly lower, at 608). And we’re not talking eBay and Candy Crush.

                                      The apps we’re talking about include finance, marketing, human resources, supply chain, customer relationship management, enterprise resource planning, and more. Every line of business has adopted or is adopting a plethora of easily-integratable, best of breed apps to address today’s productivity, workflow, and even competitive challenges. In fact, so many of our customers view these apps as critical to their new initiatives that I’d go so far as to say that any organization undergoing a new technology initiative that isn’t cloud-based is probably making a mistake.

                                      It’s not just apps. It’s data. Last year we commissioned The Ponemon Institute to conduct a survey and develop a framework that measures the financial impact of cloud in data breaches. One of many fascinating findings is that IT and security respondents believe that they have 30 percent of their business data in the cloud (the estimate in Europe was 10 percent). Our data tell us that IT underestimates the number of cloud apps in their organization by about 90 percent. If they’re underestimating apps by that much, we believe that 30 (or 10) percent number is low too.

                                      So with hundreds of apps and at least a third of organizations’ business data in the cloud, how can any company that does business in the European Union even THINK about complying with this legislation?

                                      At Netskope, we have been hard at work addressing cloud security and compliance challenges, including this one. You’ll see more from us on this topic, and as the GDPR legislation gets solidified, ensure compliance using Netskope. But you can get started today; here are four practices cloud-consuming organizations can do to prepare for this legislation:

                                      Know what cloud apps you have. Knowing what cloud apps (or “processors,” in the parlance of the pending legislation) you have running in your environment is a critical first step. You cannot begin to protect privacy data if you don’t even know where those data are being stored. If you have not performed a Cloud Risk Assessment, do it now.

                                      Know what data are in those apps. Once you know which cloud processors you’re using, you need to know whether you have privacy data (or any sensitive data) in them. Get started with Netskope’s granular app categorizations to triage the most likely candidates. For example, HR, Finance, and Cloud Storage are good places to start. Identify the most used processors, and use Netskope’s thorough descriptions and ratings in the Cloud Confidence Index to know which are the most likely to contain privacy data. Where you do have administrative control, scan for content containing privacy data using Netskope Introspection. For other processors, inspect cloud traffic to identify privacy data en route to an app or app category using the Netskope Active Platform, the industry’s only solution with noise-cancelling DLP for accurate, efficient detection and protection.

                                      Ensure privacy data are stored in the EU. Identify the location of the cloud processors to find privacy data being hosted outside of a country (even temporarily, in the case of a processor whose headquarters and primary data center, for example, are in an acceptable country, but whose data are temporarily being hosted in an unacceptable one). Ensure those data are stored in the EU, or even within a particular country such as Germany, by enforcing granular policies by country in the Netskope Active Platform. For example, if data are being hosted by an app outside of Germany, enforce a policy disallowing upload of sensitive privacy data (or any data, for that matter) to that app. Or disallow the app altogether.

                                      Protect privacy data in the cloud. For cloud processors that you believe, or have found, to house privacy data, take measures to protect those data. That may involve disallowing the upload of content containing privacy data using a granular cloud DLP policy. Or it may involve the protection of those data in the cloud using cloud encryption. Both of those can be performed in the Netskope Active Platform. If the data already exist in the processor – irrespective of when they were uploaded or created there – you can scan for privacy data and then encrypt. And if you do use a technology such as encryption, make sure you retain control over the encryption keys so only you can gain access to the data.

                                      Whether you’re a European organization or one serving European customers, both the Safe Harbor ruling and the pending GDPR legislation will have sweeping effects on your use of cloud. Take these four steps to get ahead of the curve so you can maintain the competitive advantage you’ve gained by using the cloud while also protecting privacy data and complying this legislation.

                                      Stay informed!

                                      Subscribe for the latest from the Netskope Blog