cl-au logo
Story image

Palo Alto launches enterprise data loss prevention service

13 Nov 2020

Palo Alto Networks has announced a cloud-delivered service, Enterprise Data Loss Prevention (DLP).

The solution helps protect sensitive data at rest and in motion across every network, cloud and user access and helps solve three major enterprise data security problems:

  • Helps prevent data breaches by automatically identifying confidential intellectual property and personally identifiable information (PII) consistently throughout the entire enterprise.
  • Facilitates regulatory compliance by helping enterprises meet data security requirements for the General Data Protection Regulation (GDPR), Payment Card Industry Data Security Standard (PCI DSS), Health Insurance Portability and Accountability Act (HIPAA), California Consumer Privacy Act (CCPA) and many more.
  • Inhibits risky user behavior to aid in blocking voluntary or involuntary data exposure and data movement. 

As a single centralised cloud service, Palo Alto Networks Enterprise DLP can be deployed across an entire large enterprise quickly without the need for additional infrastructure. 

The service allows users to define data protection policies and configurations once and automatically apply them to every network location and cloud where an organisation has data. 

This also allows security teams to deploy DLP when organisations add new users or branch offices.

Because of its simplified policy engine and natively integration into existing control points, including Palo Alto Networks Next-Generation Firewalls, VM-Series, Prisma Access, Prisma Cloud, and Prisma SaaS, it has a low total cost of ownership (TCO) compared to legacy DLP products. 

This combines new and existing DLP offerings into a single service, bringing Palo Alto Networks into the enterprise DLP market.

Palo Alto Networks Enterprise DLP automatically detects sensitive content via machine learning-based data classification and data patterns that leverage over 500+ industry-defined data identifiers. 

“Data breaches are a huge and growing problem worldwide, but the existing legacy and point solutions are not accessible, appropriate or effective for many of the companies that need them,” says Palo Alto Networks senior vice president and firewall-as-a-platform general manager Anand Oswal. 

“Our new Enterprise DLP solution is powerful; simple to deploy, with no new infrastructure needed; integrates with existing security technologies; and works for companies whether they keep their data in the cloud, on-prem or take a flexible approach.”

Enterprises can use Enterprise DLP in a number of ways:

  • Visibility: Discover sensitive data; detect and address broken business process, for example, HR sharing unencrypted data with an unapproved external vendor.
  • Notification: Alert users on violations to raise awareness of corporate policies; for example, show alert when a user is sending PCI data.
  • Education: Implement target training; for example, identify repeated offenders and train them not to upload proprietary source code to third-party sites.
  • Protection: Automate data protection and incident response; for example, quarantine sensitive files exposed on cloud storage. 

“In the face of increasing cloud usage and an expanding remote workforce, cybersecurity teams face a strategic imperative – to protect distributed, in-flight sensitive data assets via a unified approach. The architectural complexity of legacy data protection solutions is still a huge obstacle towards adoption for many organisations,” says ESG vice president and group director Doug Cahill. 

“Based on a cloud-native implementation, Palo Alto Networks’ Enterprise Data Loss Prevention (DLP) is designed to protect sensitive data where it moves and lives – at the perimeter, at the edge, and in the cloud."