Looking for recommendations for DLP to cover endpoint, O365 and Salesforce
I am looking for suggestions for DLP to (possibly) replace Forcepoint.
Pretty much need to lockdown O365 and Salesforce in addition to the endpoints.
Feedback on systems you are familiar with (current please) are also appreciated.
Apparently, Gartner stopped publishing their magic quadrant for DLP in 2017, since data was apparently not reliable, implementations were poor and capabilities exaggerated by vendors. So far, I did not meet single CISO happy with their solution of choice: either difficult to deploy and configure or a pain to operate.
While I do not hold Gartner as ultimate authority, in this case, the statement is hitting close to what I have seen.
There are a number of providers including Forcepoint which uses the Raytheon DLP capabiliities for both Cloud and e-mail purposes.
However, increasingly, the market is changing and visibility especially between multiple clouds is increasing, one interesting one is Netskope: https://www.netskope.com/
We have recently partnered with them in Asia Pacific - however, understanding your risks, and how people work or want to work against you, in terms of unauthorised actions, and authorised within policy is important. This innovation capability provides you some interesting means of using both API's and agents where necessary, to provide you the visibility that you want and to ensure identification, detection, prevention and recovery can be achieved - it is not an easy journey - you have to have your wits about you, as you know within any DLP project, it is a journey, so take small steps and progress until you have the view you require, so that you can put in your enforcement where it is necessary to protect the organisation.