Major New Features
New, Extensible Data Collection Architecture with Sidecar Pools
Netskope One DSPM provides a data collection architecture in which individual sidecars collect necessary metadata and transfer classification results to the Netskope One DSPM application. Previously, sidecars were managed individually, requiring many manual touchpoints to deploy & monitor. This prevented large organizations from deploying our collection architecture at scale. In addition, the old model did not provide redundancy in the case of a sidecar failure, which could delay scan results & interfere with the business’s ability to secure its data.
Our data collection architecture has now been enhanced to organize sidecars into pools, each representing one or more sidecars. This provides significant benefits, such as:
- Sidecar pools allow for active-active redundancy in case of a sidecar failure, ensuring there are no gaps in data store telemetry. If one sidecar goes down, Netskope One DSPM intelligently picks another sidecar in the same pool to continue the scanning efforts.
- Scanning & classification across multiple large data stores is intelligently load-balanced, automatically spreading effort amongst the pool’s sidecars, leading to improved performance and greater concurrent scanning capability.
In addition, customers who orchestrate their infrastructure via Kubernetes can leverage our provided Helm Chart to mass-deploy & manage sidecars at scale with minimal human effort. This includes:
- Deploying multiple sidecar instances at once
- Automatic sidecar pool registration & token management, without needing to manually perform this within the Netskope One DSPM UI
- Scaling of the sidecar pool size, to keep up with growing scanning & classification needs
The above combination ensures that your data owners & security personnel remain operational no matter the size or quantity of your data stores.
Azure Active Directory Support
You can now configure Netskope One DSPM to automatically sync with your Azure Active Directory (Azure AD). Doing so allows you to control which specific employees are imported, map their Azure AD attributes (both default & custom) to Netskope One DSPM fields, and leverage these employee-specific values to trigger policies.
Object-Level Data Ownership Support
With Netskope One DSPM's recently released Role-Based Access Control (RBAC) feature, you can assign any Platform User as a Data Owner. You can do this at the granularity of a data store, database, schema and/or table. The assigned Data Owners will be visible in the Data Store Inventory drill-down object-level hierarchy view. This capability allows you to filter for any objects that don't have Data Owners assigned. The responsibilities of the Data Owner within Netskope One DSPM can be controlled using Platform Roles.
Improvements
New Built-In Classifiers
Netskope One DSPM's classification engine has been enhanced with a list of new PCI built-in sensitive data type classifiers.
Sensitive Data Type | Sensitivity Level | Classifier Category | Data Tags |
---|---|---|---|
Bank Routing Number | Medium | Financial | PCI |
Swift Code | Medium | Financial | PCI |
Tax Identification Number | Medium | Financial | PCI |