Discover and govern data access to enterprise cloud services' ecosystems

Discover and govern data access to service ecosystems

Cloud service ecosystems

People want to work seamlessly in the cloud. APIs make it possible for them to automate workflows and share data across services. Just think about the usefulness of sharing files from Dropbox in Slack or completing a contract workflow from Salesforce in DocuSign and then saving the executed contract in a Box folder. But these ecosystems also introduce risk if you’re not aware of the third-party services that are connecting to your sanctioned ones.

While you may enforce policies in your sanctioned cloud services, when ecosystem services start showing up, you can quickly lose visibility and control. We’ve found that the average “anchor tenant” service has around 25 ecosystem services linked to it in an enterprise. When you enforce a policy in your sanctioned cloud service, you need a way to govern and protect sensitive data in the ecosystem too.

Key Features

Full visibility

Gain full visibility into ecosystem services with an all-mode architecture capable of covering all cloud traffic whether your users are on premises or remote, using a web browser, mobile app, or sync client. Assess enterprise readiness of these ecosystem services with our objective Cloud Confidence Index (CCI) and calculate risk scores based on your organization’s usage.

  • See traffic from all cloud services, including ecosystem services
  • Gain visibility whether users are on premises or remote
  • Cover browsers, sync clients, and mobile apps
  • Assess services’ enterprise readiness based on 50+ objective attributes
Granular control

Only Netskope gives you granular visibility and control over your ecosystem cloud services. Rather than take a coarse-grained approach by blocking services, set your security policies based on identity, service, activity, and data. Choose from actions such as block, alert, bypass, encrypt, quarantine, and coach for policy enforcement.

  • Enforce policies across all cloud services based on identity,service, activity, and data
  • Protect sensitive data resident in or en route to cloud services 
  • Mix and match policy elements to carve out risk without blocking services
Advanced cloud DLP

Netskope Cloud DLP protects sensitive data in the cloud with accuracy and precision, with the ability to inspect all sanctioned and unsanctioned cloud services. Sensitive content is detected across 500+ file types and across structured and unstructured data, using 3,000+ data identifiers, metadata extraction, proximity analysis, fingerprinting, exact match, and more.

  • Control sensitive data in and en route to and from all cloud services
  • Get the highest degree of accuracy with fingerprinting and exact match
  • Further increase accuracy with keyword dictionaries, global data identifiers, and more
  • Target DLP policies using context like user, group, device, service, and activity

Cloud Service Ecosystems — Movie Line Monday

Learn about ecosystems of cloud services

In this episode of Movie Line Monday, Netskope CMO Jamie Barnett goes over 3 things that were surprising in a cloud service environment. First, Jamie shares what we’ve noticed in cloud services and their ecosystem such as Salesforce and the 2,200+ services in their ecosystem, AppExchange.


Govern usage

Govern the usage of unsanctioned cloud services based on contextual details such as user, service, device, location, activity, and content. Apply granular policies such as “prevent uploads of sensitive data to personal cloud storage services” or “allow access to Finance/Accounting services  for finance department only.”

Protect data

Detect and secure your sensitive content en route to or from any cloud service with advanced, enterprise DLP. Uncover sensitive content using predefined profiles for payment card industry data (PCI), protected health information (PHI), and more. Protect with automated workflows to block, quarantine, or encrypt your data.


Understand activity-level usage of your cloud services and detect non-compliant behavior and anomalies, such as unusual data movement or user behavior. Maintain detailed audit trails of cloud activities, and ensure compliance by governing access to your cloud services based on deep cloud context.

Trusted by leading companies

Netskope Cloud Report: Cloud App Ecosystems

Learn about cloud service ecosystems and why they matter in terms of visibility and security for your organization.

Learn more

Cloud App Ecosystems: What You Need to Know — blog

Learn about our research into the ecosystem of Box, Salesforce, Dropbox, and Google and what we recommend for organizations to secure cloud ecosystems.

Learn more

Want to see Netskope in action?

Request a Demo