Demo - Netskope for Google Apps
Netskope safely enables Google Apps by giving you the ability to find and control risky activities, prevent sensitive data leakage, and protect against threats
Netskope offers both out-of-band and inline deployment options to secure all key use cases in Google Apps. For the out-of-band method, Netskope leverages deep API integration with Google Apps to inspect content that has made its way into Google Drive and to perform a variety of actions that will help you reduce risk.
The Introspection dashboard gives you a bird’s eye view of your Google Apps content. You get visibility into how many files you have, what the exposure is whether the files are private, internally shared, externally shared, or even public. You are also presented with a list of DLP policy violations tied to the files in Google Apps in addition to the types of files that are there. You also have the ability to drill-into the details such as owner, size, type, and what your exposure is. Get additional details such as who the file is shared with, what DLP policies have been triggered, as well as an activity trail that shows who the user was and the date the activity was performed.
In addition to getting visibility into the content stored in Google Apps, you can leverage Netskope to take action such as change ownership, restrict access, encrypt, and change file permissions.
In addition to info about files, Netskope API Introspection also provides details about internal and external users, and the Google App ecosystem, showing you which apps have been granted access to the Google Apps environment. You have the opportunity to assess risk and revoke access.
Netskope can also be deployed inline to provide real-time visibility and control. This is key for use cases such as data exfiltration where you have a user logging into their corporate sanctioned Google Drive, downloading a sensitive piece of content, and uploading that content to their personal cloud app.
Providing API-level access to Google Drive will help provide visibility for data in Google Drive, but you need to be inline and have the ability to decode rich activity details to see what happens when the data leaves Google Drive. This is where the Netskope Active Platform comes into play. Netskope leverages an inline deployment combined with a patented architecture that can extract rich details about the activity even when it occurs across sanctioned and unsanctioned cloud apps. In this case we can see the user, the activity, the content, and the device and their location.
Now that we have visibility into risky activities such as data exfiltration, what can we do to prevent them from happening in the first place? Netskope provides real-time policy enforcement at a granular level. In this case, let’s start with a policy to prevent sensitive data from being uploaded to cloud storage.
For our inline policy, let’s specify cloud storage as the app category. Netskope uniquely supports category-level policies, which cover both sanctioned and unsanctioned cloud apps as part of a single policy.
Next we will choose our DLP configuration. Netskope offers advanced enterprise DLP with 3,000 data identifiers, 500 files types and advanced features such as fingerprinting, exact match, and more. For this use case, let’s choose PII, which is one of the default profiles that will look for personally-identifiable information.
Next we will choose what activities will trigger the policy. Since we are worrying about data leaking to cloud storage, let’s choose all activities that facilitate that leakage.
The last step with this policy is to choose the action to take and in this case it will be block since we don’t want sensitive data leaking to cloud storage.
Now that we have this policy in place, we want to create one more policy to allow Google Drive since we blocked everything with the first policy. Let’s clone the existing policy and change this one from the category-level to Google Drive and for the action we will choose allow instead of block. Now that this is in place, all PII data going to cloud storage apps other than Google Drive will be blocked.