Getting Started with Advanced DLP
This topic provides a quick start guide to Advanced Data Loss Prevention (DLP), covering its requirements, key capabilities, and next steps for implementation.
Prerequisites
Make sure that the following prerequisites are met before you get started with Advanced DLP:
Key Capabilities
Advanced DLP is a comprehensive solution that helps you to identify and secure sensitive or confidential data in cloud environments with simplified detection and protection, streamlined DLP, and unified data protection. It eliminates the complexity of scaling large volumes of data using various advanced content-matching techniques, providing control over sensitive information such as intellectual property, personally identifiable information (PII), financial data, trade secrets, and more.
It includes an extensive suite of capabilities that go beyond traditional data protection methods to safeguard data across all stages: at rest, in motion, and in use. This unified solution integrates with multiple platforms, including web, cloud, email, private applications, and endpoints. Organizations can leverage Advanced DLP to enhance accuracy and efficiency in data protection, apply robust DLP policies, maintain regulatory compliance, prevent data exfiltration, and address insider threats.
- ► Core Capabilities of Advanced DLP
-
-
Large File Scanning for DLP: Skyhigh enables you to scan and protect large files (up to 250 MB) containing sensitive or confidential data across sanctioned and web services. This capability expands the capacity of the DLP engine to analyze a wide range of file types, ensuring that large files are included in your data protection strategy. Organizations can leverage this capability to apply DLP and malware policies to large files, helping to maintain compliance, enhance security, and reduce the risk of unauthorized data transfers. For details, see Large File Scanning for DLP
-
Exact Data Match (EDM): Skyhigh’s enhanced EDM is a data classification method that detects and protects sensitive data based on its exact content instead of using generic data pattern-matching techniques. It enables you to classify data, such as personally identifiable information (PII), stored in structured data sources, like databases or spreadsheets. You can use EDM to identify and match specific data values or combinations of values via fingerprinting. EDM can process data in all languages, including Chinese, Japanese, and Korean. Organizations can use EDM to enhance detection accuracy, reduce false positive rates, improve operational efficiency, bolster data security posture, and maintain compliance. For details, see EDM.
- Indexed Document Match (IDM): Skyhigh’s enhanced IDM is a data classification method that detects and protects sensitive content stored as unstructured data in documents and files. It enables you to classify text-based documents and image-based files, such as Word, PDF, PowerPoint, or CAD files. You can use IDM to identify and match content completely or partially based on fingerprinting and indexing of documents and images. Organizations can leverage IDM to enhance data protection, improve detection accuracy, reduce false positive rates, streamline operational workflows, and maintain compliance. For details, see IDM.
-
ML Auto Classifiers: ML Auto Classifiers automatically identify and categorize sensitive data in text and image-based files using Skyhigh's pre-trained AI and ML models. You can use ML Auto Classifiers to quickly and accurately classify sensitive files in sanctioned, shadow, and web services, enabling granular and real-time DLP policy controls. Skyhigh's built-in data classifiers detect common sensitive data types, including Personally Identifiable Information (PII), Payment Card Industry Data Security Standards (PCI DSS), and Health Insurance Portability and Accountability Act (HIPAA) data. Organizations can leverage this capability to reduce false positives and negatives, enhance data security posture, streamline data governance, maintain compliance, and mitigate risks. For details, see ML Auto Classifiers.
-
Evidence File Retention for Shadow/Web DLP Incidents: An evidence file is a copy of compromised content that violates a Shadow/Web DLP policy. Skyhigh enables you to save evidence files in your data storage, providing granular insights and supporting in-depth forensic analysis of generated incidents. You can download evidence files associated with Shadow/Web DLP incidents individually or in bulk. Organizations can leverage these files to accelerate their response to data breaches, maintain compliance, mitigate risks, and refine their DLP policies. For details, see Save DLP Evidence for Shadow/Web DLP Incidents.
-
Next Steps
You can refer to the following table for steps on how to configure the Advanced DLP features. Once you configure the Advanced DLP features such as enhanced EDM/IDM and ML Auto Classifiers, you can apply these features to all types of DLP policies (Sanctioned, Shadow/Web, Private Access, and more) across Skyhigh SSE. This enables your classifications to be used in various types of policies, including those for On-Demand Scans.
Advanced DLP Features | Configuration Steps |
---|---|
Enhanced EDM |
|
Enhanced IDM |
|
ML Auto Classifiers |
|
Large File Scanning for DLP | Configure file size limit for DLP in sanctioned and web services |
Evidence File Retention for Shadow/Web DLP Incidents |
FAQs
Get answers to commonly asked questions about Advanced DLP features such as ML Auto Classifiers.