Name: Netskope DSPM Overview, Demo, and Roadmap Sneak-Peek
Uploaded: 2025-04-10T05:46:11.383Z
Duration: 30 min 4 s
Description: Netskope DSPM Overview, Demo, and Roadmap Sneak-Peek

Transcript for "Netskope DSPM Overview, Demo, and Roadmap Sneak-Peek": Today, just to give people enough time to come and join us from their previous meetings, I'm gonna wait about thirty seconds before we get rolling. So please stand by. Thank you. Alright. Well, hello, everyone, and welcome to our customer webinar about data security posture management, a key component of unified data security from Netskope. My name is Tom Baumgartner, and with me today is Dipti Himani. We thank you for joining us, and we hope that you feel that this thirty minutes with us will be time well spent. Now before I get to the agenda in just a minute, I wanna share a few house housekeeping items here. Yes. All attendees will receive a recording of the webinar via email following, following this telecast. For any questions that you have, please use the q and a section at the top of your screen. Near that q and a section is another section titled docs where you can get pointers to resources that relate to Netskope one DSPM. And last, do be on the lookout for some poll questions that we'll be doing in certain moments of the webinar. Alright. Now a quick look at our agenda. First of all, we're gonna talk about data security in the modern era, a very dynamic topic pretty much changing by the day. And then we're gonna talk about how all of this rapid change is causing security leaders to rethink their approach to protecting data. We'll talk next about how it's not just about protecting data from possible leakage, but also about preparing proactively to control risks like that. All those three topics will take about ten minutes, and then I will hand things off to Dipti. She will give us a demo of Netskope One data security posture management focused on five top use cases. And then before we wrap up, she'll give us a glimpse of what our product vision looks like and some high level road map info that aligns to that vision. So let's get started. If you attended our data security converged virtual symposium yesterday, this slide that our CEO, Sanjay Baumgartner, presented might look familiar. Besides your people, your data is arguably the most valuable asset in your company. Today, I'm gonna talk about how Netskope helps you answer four key questions that you see at the top here about your data to help you make sure it stays secure. What data do you have, and what kind of data is it? Where is all those data? Who has access to this data? And what are the risks associated with all the activities that involve this data? The reality today is that your data is stored and located very differently than how it was even a few years ago. 90% of that data nowadays is unstructured, meaning it could be the output of generative AI, could be in a in a file or something like that. Second, over 60% of that data now lives in the cloud. Now this doesn't mean just corporate owned cloud apps. It could be in business unit led systems or user led shadow systems, and some measurements place the number there as high as 97%. Could be a cloud app, SaaS app, could be something on prem, could really be all over the place. You then marry that concept, that in the past two years, and there's just been more data created than in the history of time. You realize that you really do have datas for all. Now a big thing that you think about when securing that data is, where is it? Is it in a data warehouse or a data lake? Is it in a website? Is it in emails or maybe on endpoints? Maybe a SaaS app? Another thing is and I apologize for maybe going a bit out of order here, but the other question is what is the that data? What type of data is it? There's some types of data that I'm okay with having in these different places and used in a specific way and others where I'm not okay with that. The next thing is, who has access to it? And it doesn't have to be a who like an actual person. It could be a device. It could be an AI agent. It could be another app. And then, of course, figuring out how risky the, the interactions are between the data and those who's and what's, which sometimes can depend also on the where's. There there, there really is this data security conundrum in the modern era. Data everywhere. A lot of it not yet discovered or understood, and yet you somehow need to protect it. Now with data being everywhere and the attack surface being bigger than it's ever been as a result, protecting it from attackers is also harder than ever. Breaches can cost so much to some companies that sometimes they go out of business. The regulatory climate has never been more active and compliant with data security regulations has arguably never been more challenging or complicated. To illustrate these magnitudes with some metrics, we know that over 60% of customer data is now in the cloud as I alluded to a minute ago. Gartner predicts that by 2027, more than 70% of enterprises will use industry cloud platforms to accelerate their business initiatives, up from less than 15% in 2023. Also by 2027, '70 '5 percent of employees will acquire, modify, or create, technology outside their ID department's visibility. This is up from 41% in 2022. Today, 84% of security and IT professionals list that data protection frameworks like GDPR and CCPA, those are mandatory requirements for their industries. The average cost of a data breach reached an all time high in 2024, just last year at 4,880,000.00, a 10% increase from 2023. Now back to this slide for a moment, and I'm gonna remove everything except for what's in the upper right. And let's focus on just that question in the green capsule. How can we proactively control data risk? The answer to that question is what you tuned into this webinar today to learn about, and that is data security posture management or PSPM for short. Now since all of you watching and listening to this webinar are Netskope customers, you already know about the advanced security that Netskope offers to protect your data, whether it's through CASB or DLP for data in motion or any of the other capabilities in Netskope as you can see, illustrated here on the left. Well, Netskope DSPM fills a gap, proactively securing data at rest, whether it's on prem or in the cloud and whether it's structured or unstructured. It answers the what, where, who, and how questions here at the top. It provides continuous real time visibility into your data security posture across your entire data landscape. It provides scores and risk indicators that highlight critical risks in data stores, user access, and interactions while continuously scanning for risky behaviors, sensitive data violations, and potentially harmful queries. Essentially, it manages risk across your data life cycle. It begins with proactively discovering data sources and identifying or classifying the sensitivity of that data. It then tags this data for various purposes, whether it's for compliance, regulations, or business. This allows for purpose based policies, enabling you to apply controls to group data based on classification results or tags. For example, Netskope One DSPM can ensure that personal identifiable information is not stored in misconfigured databases or restrict access to sensitive data based on user roles, like preventing your marketing department from accessing PCI information. A key differentiator in Netskope One DSPM is its ability to perform query analysis for structured data, identifying potential insider threats by tracking large unauthorized data downloads or queries that might be targeting an individual's private information. It also integrates remediation workflows to address and contain violations, ensuring proactive risk management. This includes taking necessary actions to correct issues as they arise. Finally, while practitioners receive insights into risk factors and guidance on prioritizing and implementing controls, Netskope DSPM provides executives with a clear view of their data security posture, highlighting whether it is improving or deteriorating. This comprehensive approach ensures that you can effectively manage risk across your entire data life cycle and deliver cohesive data security. Now many of you tuned in today because of the attention we are going to give next to our top five use cases. We listed these on the registration page for the webinar, but to recap, they are discovery and classification of sensitive data, data access governance, data usage risk analysis, data privacy and compliance, and policy validation and enforcement. I'm gonna hand things over to, Dipti now, and she will give you some demonstrations of each of these as well as give you a glimpse into our product vision and our road map. Dipti, I'll hand things off to you. Thank you, Tom, for walking us through, the DSPM overview and the use cases. I'll be taking you guys through a demo of the DSPM platform. So with that, let me switch over to the demo. Most of you are familiar with this Netskope platform. But for today, we're gonna be looking at DSPM, data security posture management. As Tom mentioned, DSPM is a mechanics for you to know what is your data security posture look like. Is it good? Is it bad? And, also, we break it down as per risk associated that are causing it to go bad in case that's the case. So we break it down as infrastructure risk, data risk, users, and applications related risk, as well as interactions, risky interactions that are happening with the sensitive data. As you can tell, we not only provide, the risk associated with the data, but at the same time give you an, visibility into the statistics of how much sensitive data you have, where is it located, as well as risk and the recommendations on how you can contain and get to a better data security posture. Now this is great, but everyone asked me how do we get to this view? So for cloud applications of our cloud infrastructure, the first thing we do is we onboard the cloud infrastructure, whether it's AWS, GCP, Azure. The moment you onboard the cloud infrastructure, we start looking and discovering the data stores that live in that infrastructure, both structured and unstructured as you see here. This gives the security team a visibility into maybe managed or unmanaged data stores that they may or may not know about. At the same time, we start highlighting some of the potential risk related to the data stores configurations. At this point, we know that there is some potential risk associated with it. But to actually detect the true impact of that risk, we need to connect to your data stores and understand what type of sensitive data lives in this data store. For for non cloud environments, for non IIS, such as PaaS or on prem, we directly connect to the cloud data platform such as Snowflake, Databricks of the world, or even for on prem data stores through a sidecar mechanics, deployment model. So you can connect to any of these, either directly or through the infrastructure. For the purpose of this demo, I have connected two of my data stores in the AWS environment as you see here. One structured, one unstructured. So let's take a look at this. As soon as we connect these environments and start understanding the data, we find what type of sensitive data is located in which data stores. We even now knowing that there was some potential risk associated with it and knowing the impact of the number of, sensitive fields in it, we're able to determine what is the true misconfiguration risk associated with that data store. And similarly, not, not just looking at what kind of data, as Tom mentioned, who has access to this data? What type of access do they have? And this is the right point where we start highlighting stale users that might have access and not use their access for a long time. Do should they really have access to these data stores? And, thus, calling out stale users, stale data stores. One of our key differentiators here, as you can see, is integrating with your, IDPs or identity management systems to understand the user's identity. This is what we can auto map and see which are the true employees that have access to this data stores and map it to their usernames or roles that have been being used on those data stores. So as you can tell here, there are many, you know, users and along with their other extra metadata such as, hey, is it a suspended user or is it a user, you know, that has access to this data store but does not exist in the IDP, we can start highlighting ghost users that have my access to data or even, decommissioned, you know, employees that might still have access to data. So this is brings us to a great use case, you know, that that security team needs to solve in terms of enforcing the principles of least privileges. Going back a bit on, and double clicking on the classification of sensitive information. As I've mentioned, for each of the structured and unstructured world, you know, fields and files, we have this level of granularity where we can, look into the struct data structure and say, hey. Which files? Where is it located? And what type of sensitive data it contains? We also associate it with some sensitivity levels out of the box and, what's in scope, what is it in scope for compliance purposes. We can add custom sensitive data types. As you can tell from the variety here, you can create your own, as well as custom data tags if needed. It's a mechanics to group and label and classify sensitive data, which can then be used for, downstream policies and enforcing workflows and remediations. At the same time, we also look at which users now have access to the sensitive data. And with all the IDP information, we can start defining, the the details around which employee or app this might be. This gives a quick view into the granular level that we can go to. The similar view is available for files that might contain sensitive data and what kind of sensitive data do those files contain. One of the key use cases that we get from a compliance standpoint, hey. You know what? We should never have PCI information, say, stored in data stores or, you know, credit card information stored in data stores that are, associated with, say, a public schema. And this not only is it easy to do here in real time as you can tell, but at the same time, the benefit that it gives you is any of these things that we see today can easily be converted to a policy. When I create a policy, notice, this is a no code policy editor. It's as simple as saying, you know, there should be no PII, say, in engineering data store. Hit next, and because we had the filters already configured, they come into the no code policy editor. It's a very simple way to add conditions if you want to add narrow down the scope of this policy saying, you know what? I'm only looking for doing this with, say, sensitivity level for high. And this can turn into your policy. You can back trace this policy, into and simulate it as well as what you can do is take a remediation action when a policy is violated. We have many, communication channels that are natively built into the product, and, you can tie these workflows in the sense of, hey. Let's send an email to the data owner when this policy is violated, or maybe open a Jira ticket. Or if you want to actually, you know, with the right permissions given to the product can trigger and remediate an action like modifying configurations or modifying access for a user. So any of these workflows can help you integrate with your ecosystem. That's how easy it is to create a policy in our product. Notice the different types of policies that you see exist over here. With the different policy types, we basically cover, pretty much all privacy compliance use cases, or the security use cases that Tom mentioned, throughout the data life cycle. You know, you might want to take an action when new data stores are discovered or when PII data, say, for example, is found in data stores that are misconfigured. Or you might have policies around, hey. You know, marketing should never have access access to PCI data or essentially, you know, anything related to, hey. Ghost users should never have access to any kind of sensitive information. We took a look at the classification related policies already, and the last three here are more in line with, data in use. So, essentially, if you want to define, you know, engineering should not be downloading greater than 10,000 rows of, say, PII information or somebody attacking a the CEO's privacy, information that could be a privacy violation of when it's modified. So, essentially, we cover policies throughout the data life cycle. When the policies are violated, like I mentioned, we generate alerts in the system. So you will see these alerts that are generated in the system, but at the same time, if there is a workflow tied to this alert, it will be sent out to the workflow connected to those alerts. Not just cracking alerts in the system, but over a period of time, we start building what we call, a profile for the user. Over time, we start, you know, looking at their user behavior, and start associating a user risk rating now that we have all the metadata information about the user as well as we know, you know, which data stores this user has access to with sensitive fields if it's structured or files if it's unstructured, what queries they've run against this data store, and what alerts that queries might have generated. So, essentially, we start building out a profile, a risk profile, and doing some user assessment across these users. So this is how we kind of marry the user context with the data context and start bringing the picture together, which is one of our key differentiators from a data security posture management standpoint. So you can get answers to, you know, all the four questions that Tom mentioned, Billy, is who has access you know, what is my data? Where is my data? Who has access to it? And then start tracking, you know, interactions such as queries that might be risky in the structured world, and to that data. So that's how we cover the proactiveness of DSPM, in in, how we do this today. Let's get back to talking about the future. So as you can tell, from the conversation before, DSPM is very critical, in and critical part of our data security strategy. It's you know, it starts with coverage where we basically want expect data when we talk about data security, DSPM is something that provides coverage across all your data no matter where it lives. Right? It could be in IS, PaaS, on prem SaaS, and any other place where data can live. Providing visibility into not just the data, but other resources that relate to that data and might be causing an impact or a risk to that data, such as users, configurations, and third party applications. And then allowing you to apply granular controls when things are not in place, which is basically could be an in app alert and notifications or taking a, you know, external action through third party workflows or applying labels that or tags that exist in your environment. And lastly, even enriching the real time policies that we have through the Netskope portfolio of the products. So the vision is to do this across all contracts. Right? You wanna be whether data is rest, whether data in motion is sanctioned on unsanctioned applications, does not matter. Where we stand today and where DSPM fits in is already fills a lot of the gaps for the Netskope portfolio. Think about on premise. I think about all the structured data. It also augments a lot of the resources that that Netskope already, you know, already continue and continues to evolve on, the users, the the data, the the remediations, and third party blockflows. But to achieve the full vision, the goal here is, to to be able to span not just across the cloud security piece, but, also get the shared data context from other resources in the Netskope portfolio, whether it's endpoint DLP, whether it is, you know, in line CASB, whether it is, you know, NPAs or SWIC. So that that sharing of context becomes a critical element of our consolidated data security visibility layer, which will provide comprehensive data security. That's the idea and that's the vision we have for evolving data security posture management. To achieve this vision, you know, our our near term road map for this year is potentially threefold. One, expansion on the breadth story. We want to be able to expand to all the data sources that Netskope sees today, including SaaS applications as well as, you know, in the AI world, there there is training data going into, various public and private LLMs as well as vector databases. Secondly, we want to improve the efficacy and, keep adapting to expanding and enhancing the detection abilities, which is one of the ways is integrating into the best in breed Netskope DLP profile, merging the classification engines. And this DLP will also be available as a DLP as a service in in the future, in the near term, I think, actually, coming soon. And lastly is, the ease of use. So we will as we integrate as you saw into the Netskope one platform, we will be integrating with, you know, a lot of the Netskope portfolio products, be it cloud exchange or others in terms of allowing for custom dashboard reporting with NAA and such. So that kind of, will will that's a journey to getting to either, you know, pretty much the calendar year '25 road map and, and our step forward in the direction of the vision that you saw, in the previous slide. Remember one thing, you know, where we stand and what our key differentiator is with what you get with Netskope is is not just a solution for data security. It is a comprehensive data security platform, providing visibility, consistency, and real time protection for your most critical assets in the organization, the the goals which is your data. Thank you for joining me today. I hope you like the session. Do do please check out the resources tab or the docs tab on your right hand side, which includes links to our web pages, and a recording for the data security conference symposium that happened yesterday. There are many other resources in that tab for data security policy management web pages, do check it out. Thanks for joining me today again.