Forcepoint Releases DLP at Scale to Customers

Enabling DLP at greater scale

We also recently extended the capabilities of Risk-Adaptive Protection, helping customers utilize this powerful monitoring tool to increase the impact of their Zero Trust programs.  Here’s a quick overview of some of the capabilities we released to customers today:

Forcepoint DLP 10.0 brings our fingerprinting to another level. Customers are now able to fingerprint 5x more records (up to 100 million records containing up to 600 million cells).  Some of our financial institution customers that have made extensive use of our robust fingerprinting capabilities have noticed an added benefit—leading to greater customer confidence and with robust fingerprinting capabilities  more new customers. We designed scalable DLP to exceed the data growth needs of even our most demanding customers.

For all our customers, data continues to grow exponentially. With that growth comes the need to work with larger, more massive data sets.  Forcepoint exact data match (structured data) fingerprinting is one area that Forcepoint excels at, helping customers secure some of their most valuable records through fingerprinting.  Our Forcepoint DLP customers have used our technology to fingerprint millions of records when protecting their most valuable data. But some of our enterprise customers needed more scalability

Forcepoint has long been an industry leader in simplifying DLP management.  With over 1,700+ pre-defined policies/classifiers/templates as well as unified policy capability to define policies across all key channels for data exfiltration from within a single policy, Forcepoint simplifies data security management.   

Simplified management, new policy import/export capabilities

Personalized enforcement means personalized policies

New with Forcepoint 10.0 we are introducing policy import/export capabilities.  In the past, customers often needed to create policies in a test environment first and then rewrite them within the production environment.  With this new capability, data security professionals can simply export policies from the test environment directly into production. saving customers time and resources for ongoing DLP management. 

Monitoring risk to fit your business

Many customers use pop-ups for DLP policy enforcement as an effective way to address a specific potential data exfiltration event.  They also view these as a teachable opportunity, especially  where an actual block is not required.  With Personalized enforcement, organizations can further increase the impact of pop-ups by adding their company logo with text that is customized to that specific policy.  It’s clear from our testing that these personalized pop-ups resonate more clearly with users. Besides stopping data exfiltration events, personalized enforcement creates a more impactful learning experience for a user.  Just like scalable DLP, personalized enforcement is a feature that many of our customers have been requesting. 

The two new areas are:

In recent research, Forrester notes that “Zero Trust advocates these three core principles: all entities are untrusted by default, least privilege access is enforced, and comprehensive security monitoring is implemented[1].  Through Forcepoint’s Risk-Adaptive Protection comprehensive continuous monitoring is enabled and risky behavior is detected real-time, helping customers identify data breaches before they occur.  Two new features were released last month which extend this continuous monitoring by ensuring individual privacy while increasing the power of securing data. 

With this release, Forcepoint continues to introduce more innovation to data security.  I’ll blog more later this quarter to further elaborate on the Forcepoint Data Security Lifecycle where we help customers discover, classify, monitor and protect all their data everywhere it resides and anywhere people work.  Watch also for more around Forcepoint DLP integration with the industry leading SSE platform, Forcepoint ONE

  1. Pseudo-anonymization for RBAC
    It’s important that different types of people with different levels of security privileges be involved in monitoring risky behavior.  Business analysts often need to look at where risky behavior is occurring but aren’t required to see the private information of the people who are introducing risk into the environment. Data security teams on the other hand require greater detail on individual users who are involved in potentially risky behavior.  With Pseudo-anonymization for RBAC, Forcepoint helps organizations protect the privacy of individual users while continuing to evaluate risk and enforce DLP policies based on risky behavior at any moment. For someone in an analyst role, the individual user data is masked and tokenized so they can continue to perform their job duties without seeing detailed user information.  This allows more people in the organization to work with the user insights RAP brings without needlessly violating user privacy. 
  2. Customizable Indicators of Behavior (IoBs)

IoBs are at the heart of Forcepoint Risk-Adaptive Protection and the continuous monitoring that makes Forcepoint DLP so powerful.  Each IoB looks at a specific potentially risky behavior (e.g. data stockpiling, usage of removable storage, unusually large attachments to personal email, etc.) and then applies a severity to that behavior (low, medium, high, critical).  With over 150 IoBs, Forcepoint is extending the usage of RAP to more customers by providing the ability to do customization based on an individual organization’s business and individual needs.  If needed, an organization now can enable or disable a specific IoB, change the severity associated with a specific IoB, or apply exceptions to individuals or groups as warranted.  Exceptions could be applied for instance for someone in a finance role who needs to move credit card information as part of their work.  For organizations who loved the idea of continuous monitoring but wanted IoBs that more closely fit specific business needs within their organization, this expands their ability to reduce false positives/negatives in incident management and also expands their monitoring capabilities, improving their Zero Trust program. 

This post was first first published on Forcepoint website by Kevin Oliveira. You can view it by clicking here