February 28, 2018

Are you protecting your critical data? Even when it exists in SaaS applications?

Bharath Vasudevan

It’s been a while since we carved out some time to talk about DLP. At Forcepoint, we couldn’t be more excited about this product category and given how our growth has far outpaced analyst forecasts, we believe that you are too! Forcepoint DLP has evolved over time to provide our customers protection across the multiples channels where data exists – whether that’s happening at the endpoint or over the network across web and email channels.  Organizations can only protect their data if they know where it is, and there is one critical area where data has been rapidly moving that too many security organizations have overlooked, namely, cloud delivered SaaS applications. Often times this is due to the fact that the security organization was not part of the decision making process to adopt the application, but made aware around the time of implementation.

Over the past few months, we have been really busy trying to make an already-great offer even better, and in late November 2017, we launched DLP Cloud Applications 8.5 – which extends our analyst recognized market-leading data protection into the cloud.  This was all enabled by integrating CASB into our DLP portfolio.

Acquisition strategies typically play out in one of two ways: Running the acquisition as a standalone business or integrating the new acquisition to enhance the existing portfolio. In the latter category, which is more ambitious, you’ll see very few organizations succeed, and even when they do, it takes them a long time to get the integration to a place where their customers are happy.  Forcepoint picked up an amazing CASB solution and a team of experts when we acquired SkyFence in February of 2017, and by November of the same year, we were able to integrate that technology into our DLP portfolio with the launch of DLP Cloud Applications 8.5.

We know SaaS applications are a fact of life for many, if not all of our customers and we know that organizations are well past the “should I embrace this” phase in their decision-making process. Cloud-delivered apps like Salesforce.com and Office365 are pervasive across enterprises large and small. We also understand that an organization’s data protection is only as strong as its weakest link – which in many cases exists when their critical data ends up hosted outside of IT’s control in a SaaS application.

This is the first offering in our DLP portfolio that is offered via a subscription service and does not require a separate CASB license (like one of our biggest competitors). We made this offer work by extending DLP policies into the cloud and enforcing them using the SaaS application’s APIs.  Policies and incident workflow are still managed from one location - Forcepoint Security Manager. The incident database and forensics data store continue to be located in your data centers or public cloud infrastructure. We feel this combination of DLP security controls delivered as a service, but with critical data stored on-premises or in your public cloud infrastructure is the perfect solution for today’s modern enterprises.

By leveraging our CASB capability we are now able to prevent sensitive data from being uploaded and stored in authorized cloud applications, prevent downloads to unauthorized devices and even prevent the data from being shared with unauthorized parties. It’s important to think about what sensitive data can mean – beyond the traditional PII / PHI /credit card information. For R&D organizations, it can mean engineering source code or test-plans, for marketing teams, it can mean competitive information, and for departments like legal and HR, it could mean potentially embarrassing information – all the things that need protecting, regardless of location. At our initial launch, we support the expansion of our DLP policies into Office365 and its constituent components (Exchange Online, SharePoint Online and OneDrive for Business) as well as G-Suite, Box and Salesforce.com. We are constantly working to support additional applications and as we complete those integrations we will offer them to our customers.

Talk to your sales people about Forcepoint’s data protection for cloud applications and take a look at our new brochure to learn more about the DLP portfolio capabilities.

This is the first in a series of articles showing some love to DLP – we plan to talk about some packaging and pricing changes in the next few weeks and some really groundbreaking announcements around the RSA timeframe. Stay tuned!


Bharath Vasudevan

Bharath Vasudevan

Bharath Vasudevan is the Senior Director of Product Marketing at Forcepoint. His organization covers Forcepoint’s user and data security portfolio of solutions including data loss prevention (DLP), user and entity behavior analytics (UEBA), Insider Threat and Orchestration products. Prior to...

Read more articles by Bharath Vasudevan

About Forcepoint

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.