Netskope One DSPM 3.1 release notes
Major New Features
Data Owner Enhancements
- We have renamed Data Custodian to Data Owner. You can now create a Data Owner from Platform Users page and restrict their visibility within Netskope One DSPM to specific data sets.
- While creating a Data Owner, the Netskope One DSPM Admin can also define the Data Owners preferred workflow for receiving notifications/tasks.
Data Owner Assignment to Data Store
- When connecting to a Data Store, the Netskope One DSPM Admin can assign a Data Owner to a Data Store, making them the Data Store Owner.
Field Classified Policy → Updated to Classification Policy
- We have enhanced the Field Classified Policy and changed the name to Classification Policy. Previously, this type of policy triggered an alert when new fields were classified or re-classified. This policy will now run on the entire data set at the end of each scan and generate a task instead of an alert when the field(s) matches the conditions defined in the Field Classified policy.
- If a task is already open for a given data store/policy combination, then the software will update the existing task and not create a new task.
- Tasks are available in a new tab under the Alerts menu in the left nav.
- By default, Data Owners are notified of a new task via their preferred notification method.
- If a scan does not find any violations of a Classification Policy within a given data store, all open tasks for that policy/data store combination will automatically be resolved.
Classification Filters → Classification Policy
- You can now create a new Classification Policy directly from Filters in the Classification Page.
- Using this functionality, you can easily create a policy while filtering fields to alert you whenever a specific condition is met in the filtered data set.
New Data Store Discovery Policy
- We have added a new Policy Type called Data Store Discovered. This policy is supported out of the box. It generates an alert whenever a new data store is discovered.
Azure Support
- We have added Azure Multi-Account Support with Data Store Auto-Discovery.
- We have added support for Azure Synapse Analytics.
- Configuration Analysis and Privilege Analysis has been extended to all Azure Data Stores.
Mute Alerts
- You now have the ability to Mute Alerts that are generated by any Query-based Policy Type (Exfiltration, Privacy, Data Modified).
- If you need to give some Users/Employees permission to run queries against a Data Store but not all for a limited period of time and don't want to be alerted for those users/employees, you can mute a particular alert (tied to Policy Name) for a certain period of time and for a certain user/employee. You can also mute alerts for groups of employees using Employee Tags.
- Mute Alerts also works for service accounts.
SSO User Updates
- You can now create SSO Users as Platform Users with different roles (Admin, Data Owner and ReadOnly) even before they login to Netskope One DSPM.
Behavior Updates to Classification Fields
- We now show the System Confidence level for Sensitive Data Type = “Not Sensitive.” Previously, "Not Sensitive" fields all displayed a 0% confidence.
- A field can be only be manually marked as Reviewed. Previously, a field would be automatically marked as Reviewed via a data type change.
- When any Netskope One DSPM user changes a field's Sensitive Data Type or Sensitivity Level, the system confidence gets updated to 100% with a man icon, indicating it was manually classified.
- If someone marks a field as Reviewed without changing the Sensitive Data Type and Level, the confidence will change to 100%, but a man icon will not be displayed. This indicates the user simply agreed with Netskope One DSPM's automated classification and didn't change it.
- When a field is marked as Reviewed, it will make the fields non-editable, essentially locking down the Sensitive Data Type, Sensitivity Level, and Existing Tags. You will be able to add Tags but not delete existing tags, unless Reviewed is de-selected.
- If the User de-selects "Reviewed" and clicks Reclassify on Next Scan, all the fields including System Confidence, Sensitive Data Type, and Sensitivity Level are subject to reclassification and will take on system-defined values after the next scan. The "man" icon will also disappear for any manually classified field that is subsequently automatically reclassified. Previous tags will, however, be retained, and new Tags (if any) associated with the new sensitive data type will be added.
New UI for Data Store Inventory, Configuration Analysis and Privilege Analysis
- We have a new, more scalable UI for the Data Stores Page which includes Discovered and Connected Data Stores, Configuration Analysis, and Privilege Analysis.
CONFIDENTIAL © 2024 Netskope