Last week the industry converged in Las Vegas at Zscaler’s Zenith Live Cloud Summit for a week of keynotes, breakouts, training, and in-depth industry discussions. While the topic of Generative AI was on everyone's mind, one of the key focuses was on data security and how organizations can further embrace it across their organizations.
In one of the keynotes, Moinul Khan, VP & GM of data protection, spelled out the receipt for success regarding data protection, and highlighted several new innovations headed to a Zscaler cloud near you.
Before we get into the innovations, it’s important to understand Zscaler’s approach to data protection. It’s based on four key questions organizations need to ask as a first step to secure their data, protect their intellectual property, and maintain government compliance.
- Where is my data?
- Is it sensitive?
- Who can access it?
- Can I enforce consistent policies?
If you can answer all four of these questions, you’ve got a great data security program in place. Of course, this is easier said than done. To that end, Zscaler has delivered several innovations to help drive better data protection. Let’s look at a few of these key announcements:
Data protection for generative AI
The Zscaler platform now has the ability to granularly control generative AI activity and prevent the leakage of sensitive data to dangerous platforms like ChatGPTTP. Why is this important?
While ChatGTP has tremendous ability to increase productivity, it’s important to ensure sensitive data doesn’t leak out. Employees may be sharing sensitive source code or confidential notes with generative AI, which then gets consumed and reused across the platform via other inquiries.
With Zscaler’s new Data Protection for Generative AI, organizations can provide granular control over how ChatGTP is used. While some organizations may choose to use Zscaler CASB/Cloud App Control to completely block generative AI applications, with Zscaler’s data loss protection (DLP) inspection, organizations can now embrace ChatGTP, while ensuring sensitive data is not accidentally leaked.
Third-party SaaS integrations
Another key innovation highlighted was Zscaler’s ability to shine the light into dangerous connections sneaking into your SaaS platforms like Microsoft 365 or Google. Most organizations are completely blind to these types of connections.
Users can easily connect third-party apps like Grammarly, Calendly, or any number of other risky apps into your SaaS platforms. By giving these apps permission, they are allowing dangerous access to your sensitive data, for which you have no oversight.
While Grammarly and Calendly don’t seem so risky, there are plenty of other risky apps out there that are cause for concern. Highlighted on stage at Zenith Live was a common app called OneDrive Free Client, which is an open-source app that is part of a general secrets leak.
Easily available from GitHub is its client secret key. Any competent threat actor can leverage this secret key and have direct access into your SaaS platform.
With Zscaler AppTotal, organizations can take back these dangerous connections. By connecting AppTotal to your SaaS platform for monitoring, these dangerous apps can be easily identified and revoked. This has tremendous power to help you secure your SaaS data and reduce the attack surface across your key platforms.
Further data protection innovations
Another key focus for Zscaler on the Data Protection continued development across all the channels for data loss. This includes new features and innovations including:
AI-powered data discovery: Automatically find and classify data without the need for DLP engines and accelerate the discovery of data with in-depth ML-powered DLP rules.
Email DLP: Protect sensitive data attached to email via DLP inspection and define granular policy control SaaS application tenants and domains.
Endpoint DLP: Continue development of control over data at rest on endpoint. Find and control removable devices and other exfiltration methods, along with in-depth reporting and analytics.
BYOD protection: Control access to sensitive data across unmanaged devices. Enable browser isolation to ensure data is not copied, pasted, downloaded, or printed. Leverage DLP inspection within the isolated session to further apply granular policy control over sensitive data.
CNAPP: Effectively correlate and prioritize risk across cloud data estate while reducing cost, complexity, and team silos from build to runtime with a unified CNAPP platform.
Want to see all the innovation in action?
As you can see, Zscaler Data Protection has tremendous potential to transform how organizations find and secure their data. To see all the exciting innovations in action, check out the Zenith Live Keynote on Data Protection. To read more, visit our website.