Forcepoint ONE Demo Series – CASB Use Case

Enforcing data loss prevention (DLP) is most effective when considering contextual information such as user group, device type, and user location. Making configuration of DLP for managed SaaS apps simple, while factoring in contextual data, is a key differentiator for the Forcepoint ONE CASB.

• User experience: Connections to a SaaS app being managed by Forcepoint ONE are seamlessly directed to a Forcepoint ONE reverse proxy URL, ensuring all file uploads and downloads can be monitored and controlled.
• User experience: An attempt to download a Word document from a corporate SharePoint account is blocked because it is being requested from an unmanaged device. The user is also presented an information box explaining why the download is blocked.
• Administrator experience: A single proxy policy for Office 365 lets the administrator qualify the scope of the policy based on user group, device type, and location, and specify multiple file download and upload actions for different match patterns. Match patterns are selected from a dropdown of dozens of predefined or custom patterns. Download actions include allow, block, notify, encrypt, apply DRM, track, and watermark. In an upload DLP policy, the administrator can specify a match pattern that invokes malware scanning from Bitdefender or CrowdStrike and use that to block upload of malware.
• Administrator experience: Viewing the policy log report lets administrators see all user attempts to upload or download sensitive data or malware, with fields for timestamp, user name, SaaS app, user location, activity (download or upload), policy action, file name, and match pattern.
• User experience: A user is denied access to their corporate Office 365 account because they used an anonymizer service which was detected by the CASB based on the user’s IP address, and an appropriate “application blocked” is page is displayed.

Key demo takeaways:

Key features demonstrated: