Palo Alto cloud service prevents distributed enterprise data loss

Palo Alto is rolling out a cloud service that promises to protect the highly distributed data in contemporary enterprises.

The cloud service — Enterprise Data Loss Prevention (DLP) – will help prevent data breaches by automatically identifying confidential intellectual property and personally identifiable information across the enterprise, Palo Alto stated.

Data breaches are a huge and growing problem worldwide, but most of the current DLP systems were only designed to help global-scale organizations that have huge data protection budgets and staffs.  Legacy and point solutions are not accessible, appropriate or effective for many of the companies that need them, said Anand Oswal, senior vice president and general manager with Palo Alto Networks.

By using a simplified cloud service Palo Alto aims to change that notion. The company said Enterprise DLP can detect sensitive content by tapping into existing control points, including Palo Alto Networks Next-Generation Firewalls, VM-Series, Prisma Access, Prisma Cloud, and Prisma SaaS and using a machine learning-based data classification system to spot data patterns.

Palo Alto says the system can discover sensitive data; detect and address broken business process, for example, and HR system sharing unencrypted data with an unapproved external vendor or send up and alert when a user is sending PCI data.  In addition the system can quarantine sensitive files exposed on cloud storage, Palo Alto stated.

The service lets customers define data protection policies and configurations once and apply them to every network location and cloud where an organization has data. Oswal stated.  This also makes it easy for security teams to deploy DLP when organizations add new users or branch offices.

The modern ways of working, remote work and mobility for example,  are introducing different types of risk to data and key categories of applications are not on premise which introduces risk, said Heidi Shey, a principal analyst with Forrester in a presentation at the Palo Alto DLP introduction.  How to protect the data all of these workers are using is a key concern for enterprises. DLP is one of the tools companies can use to protect their data, Shey said.

Enterprise DLP is available now.

In a related security move, Palo Alto said it would acquire security vendor Expanse for $670 million.

Expanse offers a platform that helps customer determine weak points in their enterprise and protect against attacks. Specifically the Expanse platform maps exposed and untracked assets that comprise customers’ attack surfaces, evaluate and prioritize risk, and provide mitigation. At the close of the deal,  the Expanse platform will be integrated with Palo Alto’s Cortex suite of security attack and prevention tools.

“By integrating Expanse’s attack surface management capabilities into Cortex after closing, we will be able to offer the first solution that combines the outside view of an organization’s attack surface with an inside view to proactively address all security threats,” said Nikesh Arora, chairman and CEO of Palo Alto Networks in a statement.