Protect your sensitive data in the cloud
Umbrella multimode cloud data loss prevention (DLP) functionality analyzes outbound web traffic inline and out-of-band to provide unified control over sensitive data leaving your organization. It’s easy to deploy and manage with flexible policies incorporating pre-built, customizable data identifiers.
- Inspect data inline in real time with full SSL inspection via SWG proxy
- Use SaaS API-based scanning to inspect data out-of-band at rest without SWG proxy but with near real-time enforcement
- Unify inline and out-of-band policies and reporting in a single interface
- Create flexible, customizable policies with 80+ pre-built dictionaries
- Meet compliance requirements
Cloud app usage can lead to data loss
As more companies move critical enterprise data to cloud-based services, company data becomes more vulnerable to both malicious exfiltration and unintentional misuse by inexperienced users.
of data breaches involve personal data1
of employees have access to 1,000 or more sensitive files2
Data loss prevention using enforcement that works together
The most effective security comes from a layered approach. Umbrella integrates multiple components that were once standalone security services and appliances in a single, cloud-native solution.
First, Umbrella checks for domains associated with malware using DNS-layer security. Next, the cloud-delivered firewall (CDFW) checks for IP, port, protocol, and application rules. Next, the secure web gateway (SWG) checks all web traffic for malware and policy violations. Finally, Umbrella DLP functionality monitors and blocks sensitive data transmission in outbound web traffic.
1. Verizon, 2020 Data Breach Investigation Report, 2020; 2. Varonis, 2021 Global Data Risk Report, 2021