Data resident within enterprise-enabled SaaS applications is not visible to an organization’s network perimeter. Aperture adds the ability to connect directly to sanctioned SaaS applications to provide data classification, sharing and permission visibility, and threat detection within the application. This yields unparalleled visibility, allowing organizations to inspect content for data risk violations and control access to shared data via a contextual policy.

Aperture builds upon the existing SaaS visibility and granular control capabilities of the next-generation security platform provided through App-ID™ with detailed SaaS-based reporting and granular control of SaaS usage. Adding visibility and control within SaaS applications with Aperture provides a full end-to-end security solution without any additional hardware, software or network changes required. 

 

Advanced Document Classification

Aperture inspects documents for common sensitive data strings, such as credit card numbers, SSH keys, and Social Security numbers, flagging them as risks, if improperly shared. Unique to Aperture is the ability to identify documents by type through advanced document classification, regardless of the data contained in the document itself.

Aperture has been pretrained to identify sensitive documents, including financial and legal ones, automatically. The document classification engine supports not only predefined document type classification but also the uploading of custom documents for classification to enable customer-specific data risk control. 

 

Retroactive Policy

Aperture has a unique approach to policy that is not dependent on time. A typical network security policy is only effective for data seen after the policy is set because it only sees in-line data and applies the policy from that point forward. This doesn’t work for SaaS data exposure security, however, since the data that is shared today may have been originally shared years ago.

Instead, policies created in Aperture will apply to all users and data from the beginning of the account’s creation to identify any violations. There is no need to wait for someone to try to access the data to resolve it; the violation is proactively found for resolution, no matter how old the data or share may be. 

 

No User or Network Impact

Aperture is a completely cloud-based solution, without the need for any proxies or agents to work. Because Aperture communicates directly with the SaaS applications themselves, it looks at data from any source, regardless of the device or location the data came from. Because Aperture isn’t in-line, it doesn’t impact latency or the bandwidth of applications, and has no impact on the end-user experience.

Native applications on mobile devices are also unaffected, so your users aren’t limited to only using Web-based access. With no network changes needed or proxies to set up, there is no impact on network configurations. Plus, no new software or hardware needs to be installed to use Aperture. It just works. 


 

EU Data Protection Compliance When Securing SaaS Applications

The purpose of this white paper is to clarify how Networks Aperture™ SaaS security service can be used in compliance with EU data protection requirements, including the upcoming EU General Data Protection Regulation.

  • 0
  • 182

Sample SaaS Application Report

The SaaS Application Usage Report summarizes actionable insight into SaaS application use in your organization for the 7 days captured in this report. Unsanctioned SaaS applications are SaaS Applications not approved or monitored by your security organizations. Unsanctioned applications could present a risk to your organization.

  • 0
  • 4326

Cloud Security is a Shared Responsibility

This brief discusses the responsibilities of cloud vendors and organizations for securing the cloud in various environments.

  • 0
  • 401