Patent moves industry beyond “allow” and “block” toward real-time governance of cloud data and activities
Netskope, the leading cloud access security broker (CASB), today announced that it has been awarded United States Patent 9,398,102 for delivering granular visibility and enforcing granular policy and data security for cloud delivered services. This is the company’s second comprehensive patent this year (the first one was awarded for its multi-mode methodology for steering traffic to and from cloud apps). This patent complements the first by recognizing the company’s unique ability to enforce cloud policy controls at a granular data or activity level. This means that IT can move beyond a coarse-grained “allow” or “block” approach to cloud services to enforcing fine-grained policies based on a variety of conditions including deep cloud context and the the associated activities and data.
“This patent is consistent with our belief that organizations have moved beyond blocking the cloud services that make their employees so productive,” said Sanjay Beri, founder and CEO, Netskope. “IT and information security professionals need and want to allow their organizations to embrace those services while still protecting data and ensuring corporate – and in some cases regulatory – compliance in a centralized, consistent way that works across all apps. Rather than take a sledgehammer to the cloud with an ineffective, antiquated ‘block’ policy, we let them use a scalpel and carve out risky activities like ‘share,’ ‘download,’ and ‘edit,’ based on the who, what, when, and where of the situation.”
The patent affirms the intellectual property of Netskope in enabling IT to enforce policies across any cloud app, app instance, or app category based on multi-condition activities such as sharing intellectual property outside of the company, downloading regulated data to a BYOD device, or editing financial data without authorization. Moreover, IT can select from a variety of policy enforcement outcomes such as block activity, alert, encrypt, quarantine, coach user, or require user justification.
According to a Netskope study, activities such as “download,” “upload,” and “share” make up the majority of cloud data violations that can lead to data leakage and breaches. This underscores the need to maintain visibility and control over cloud services at the activity and data level.
“One of the foundational tenets of Netskope is that as organizations’ lines of business and functional groups move to the cloud, IT will need to safely enable those services rather than block them,” said Lebin Cheng, co-founder and VP Application Engineering, Netskope. “Our granular policies arm our customers with an array of useful choices that ultimately allow them to say ‘yes’ to the cloud with confidence as their enterprise data are protected.”
Netskope’s granular visibility and control described in this patent, coupled with its all-mode deployment architecture described in the first patent, solves the broadest range of cloud security use cases in the market, in real-time, and whether users are on-premises, remote, on a mobile device, or using a native app or sync client. These use cases include:
- Enforce activity-level, multi-condition policies such as “Block sharing from any file-sharing service if the recipient is outside of the company;”
- Enforce data-level policies such as “Alert if any user downloads sensitive business information to a BYOD device;”
- Identify activity- and data-level anomalies such as “Flag as an anomaly if a user downloads a sensitive file from a sanctioned app and then re-uploads the same file to an unsanctioned app;”
- Identify regulatory or industry policy violations such as “Require and log written justification if a user uploads Payment Card Industry Information (PCI) or Protected Health Information (PHI) to a cloud file-sharing app.”
- Download the June 2016 Netskope Cloud Report for the latest on enterprise cloud app usage trends
- Learn more about how to gain visibility into enterprise cloud apps and how to ensure they are secure and compliant
- Visit the Netskope Hub for the latest commentary and insight on trends from the Netskope team=
Netskope™, the leading cloud access security broker (CASB), helps enterprises find, understand and secure sanctioned and unsanctioned cloud apps. Through contextual awareness and a multi-mode architecture, Netskope sees the cloud differently. This results in the deepest visibility and control, the most advanced threat protection and data loss prevention and an unmatched breadth of security policies and workflows. The world’s largest companies choose Netskope, the only CASB that ensures compliant use of cloud apps in real-time, whether accessed on the corporate network, remotely or from a mobile device. With Netskope, enterprises move fast, with confidence. To learn more, visit our website.