CloudLock for Salesforce
This amazing release allows admins to tune out the noise and focus on Salesforce report export incidents warranting additional investigation with increased levels of granularity in the policy engine.
Through the Salesforce Event Log API, CloudLock admins can customize policy criteria based on user location, export frequency, typical business hours, and/or Salesforce profile to policies relating to the Salesforce Report Export.
CloudLock for Google Apps
With this release, we enhanced CloudLock Apps Firewall to make it even easier for organizations to easily control access of connected apps in their domains. The release offers enhanced automation, more granular controls, and increased security. There are three new features we’re particularly excited about:
CloudLock for Google Apps
The Compliance Exclusions feature provides the ability to implement compliance exclusions in Collaboration Security, allowing you to tailor your compliance policies to only those files deemed sensitive.
Compliance exclusions refers to the ability to implement a custom regular expression (regex) that compliance scan will explicitly ignore when evaluating the respective policy. This functionality provides the added benefit of reducing false positives.
In May we rolled out a great people-centric security feature in Collaboration Security around user actions. The End-User Action feature provides users with the ability to revoke sharing on a file that is flagged by a policy from within a policy notification email.
After enabling this feature an organization’s policy(s), upon a flagged policy violation the user experiences the following:
With this action, the file permissions are modified accordingly, bringing the file back into compliance with the organization’s acceptable use policies (AUP).
CloudLock Apps Firewall – Support for classification by OU(s), User(s), and Subdomain(s)
CloudLock expanded its classification and control functionality within its Apps Firewall product, making it possible for organizations to audit and whitelist/blacklist third party OAUTH applications on the following:
Read More about OU, User, and Subdomain Support on our blog here.
CloudLock Collaboration Security
CloudLock Collaboration Security – Audit Log Export Enhancements
CloudLock Apps Firewall – Top 5 Trusted and Banned Apps and User Search
Apps Firewall is now enhanced with the following features:
CloudLock Collaboration Security – Compound Policies and Folder Awareness
We are pleased to release the following features in Collaboration Security:
Check out the blog post for more details.
CloudLock Collaboration Security – New Features
Check out the blog post for additional details on the significance of these features as well as instructions on where to find them.
CloudLock Apps Firewall – Policy Notifications
We have made the following improvements to the Policy Notifications within Apps Firewall:
For more details read our blog.
CloudLock Collaboration Security – Data Classification
CloudLock Collaboration Security now allows for tagging of files that violate a policy in the Google Apps domain. Administrators can configure policies to automatically tag flagged files with a per-policy, custom tag value.
This enables both administrators and end users to easily find any file that violates a policy, understand which policy that file violates, and then take action to remediate the policy violation.
With Data Classification through file tagging, you can:
Join the CloudLock Customer Community to share tips and tricks, interact with other customers, and stay up to date with CloudLock news and releases.
CloudLock Apps Firewall – Classification for Marketplace Apps
CloudLock Apps Firewall now allows administrators to identify and classify Marketplace apps. CloudLock Apps Firewall also identifies and displays App Access Scopes so that you can have a clearer understanding of exactly what data an app has access to, and therefore identify any risk involved in allowing the app to access data on your domain.
Here is what you can do:
CloudLock Apps Firewall – Support for Mobile Apps
Mobile Apps are now clearly marked in the CloudLock Apps Firewall Apps List. This enables administrators to understand whether users are installing 3rd party apps from mobile devices such as iPhones, Android Devices and tablets.
CloudLock Collaboration Security – Undo
Undo functionality is available for bulk operations. CloudLock administrators can initiate the Undo functionality directly from the Audit Log. This is how:
Undo is available for the following actions:
Undo functionality is available for bulk operations. Making a mistake in a bulk operation could result in hours upon hours of reversing actions performed on hundreds and thousands of files. CloudLock administrators save hours by initiating the Undo functionality.
Note: Undo is not available for file copy operations.
Cloudlock Collaboration Security – Compliance Scan in the Policy Engine now supports Regular Expressions
When defining policies to detect and secure sensitive information, you can now specify regular expressions directly in the Policy Engine:
Regular Expressions provide a powerful way to search for patterns which might suggest the presence of PII/PCI data within your organization’s documents in Google Drive (Docs). These could include: various IDs, passport numbers, phone numbers, IBAN numbers, patents, product SKUs and so on.
CloudLock Apps Firewall – Compliance Automation
Auto Revoke for Banned 3rd Party Applications: CloudLock Apps Firewall for Google Apps now allows compliance automation for banned 3rd party apps. Apps Firewall can be configured to automatically revoke 3rd party apps that have been classified as banned.
All applications that were flagged as banned will no longer be authorized to access your domain. The revoke actions are tracked in the audit log.
CloudLock Collaboration Security – Compliance Scan for Social Security Numbers is now available in the Policy Engine.
When defining policies to detect and secure sensitive information, you can also search for Social Security Numbers directly from the Policy Engine:
CloudLock Collaboration Security
Reduces scan times for CloudLock Collaboration Security by more than 50% (depending upon environment), allowing for analysis of only incremental changes to a Google Apps environment secured with CloudLock.
CloudLock’s Collaboration Security Policy Engine now provides automated actions based on document sharing settings:
1. Check Remove Sharing:
2. Automated actions are logged in the audit log
3. Email notifications are sent to reflect the action taken
Note: We recommend running a policy without automated actions enabled once to see how many files and sites would be affected, THEN add the automated actions.
Compliance Scan – Support for MS Office Documents
CloudLock Collaboration Security Compliance Scan now detects PCI and PII information in the following MS document types: Word, Excel, PowerPoint 2007 or newer
Compliance Scan – Improvements in Social Security Number Detection
Enhancements have been made to CloudLock’s Compliance Scan to more accurately identify and flag files containing Social Security Numbers.
CloudLock Collaboration Security – PCI Compliance Scan
PCI Compliance scanning is now integrated with CloudLock’s Security Policy Engine. Organizations can create automated policies to identify, notify, and track documents containing credit card information.
To enable a PCI Policy use the following steps:
CloudLock Apps Firewall: Subdomain Support
CloudLock Apps Firewall now has full subdomain support. We now scan the primary and all the subdomains.
CloudLock Collaboration Security: Scan Summary Report is now “Management Friendly”
The CloudLock scan summary email now looks similar to the centralized dashboard, highlighting the changes in the environment:
The new scan summary email:
CloudLock Apps Firewall: Community Trust Rating
CloudLock Apps Firewall now shows a Community Trust Rating for apps to help businesses evaluate which third party applications should be granted access to employee data. By showing the percentage of CloudLock customers that have classified each application as “trusted” or “banned,” enterprises can better determine which apps to embrace and promote, and which apps are not appropriate for the corporate domain.
The Community Trust Rating, is included in the Apps Firewall dashboard and shows the percentage of all CloudLock customers that have classified each application as “trusted” or “banned”. This crowdsourcing technology allows enterprises to easily gauge whether specific add-ons are acceptable for corporate use based on application access scopes as well as ratings from similar organizations.
Note: when using this feature for the first time, please run a scan first.
CloudLock Apps Firewall: Finding Google Drive Users
CloudLock Apps Firewall now lets domain administrators drill down into Google Drive users for immediate visibility. See which users and admins have the Google Drive Client installed:
From the Google Drive Client Adoption graph in the CloudLock Apps Firewall Dashboard, you can now click on admins and users to see a report showing who has the client installed:
CloudLock Apps Firewall: Scan Up To 50,000 Employees
Continuing our commitment to the largest Google Apps customers in the world, CloudLock Apps Firewall can now scan 50,000 employees.
CloudLock Apps Firewall: Revoke Apps Access
CloudLock Apps Firewall now lets domain administrators revoke unapproved applications domain wide for specified apps, or for a specified user.
Additional Apps Firewall enhancements include:
Collaboration Security: Removing External Domains
CloudLock Collaboration Security now allows customers to specify external domains that should not have access to selected files (ex: hotmail.com, gmail.com) and removes users from these domains from the document access list.
To remove external domain(s):
Note: Transfer Ownership function has been relocated to the More Actions
CloudLock Collaboration Security: Policy Engine – Time Based Policies
CloudLock Security Policy Management now allows time-based criteria when defining policies.
When you define a new policy or update an existing one, you can include time-based criteria. To add time-based criteria:
CloudLock Apps Firewall
CloudLock Apps Firewall lets organizations establish enterprise-class cloud security practices controlling corporate information 3rd party consumer Apps, authorized by end users, can access:
CloudLock Apps Firewall is designed to allow users the freedom and flexibility to perform their daily tasks while providing IT with the visibility and control to enforce the Approved Application Policy (AAP).
Scanning Suspended Accounts
CloudLock will now scan and report on suspended Google accounts. Because of this update:
CloudLock now shows documents owned by suspended accounts, even if they are not shared.
Policy Engine Templates
Policy Engine Templates are available directly in the Policy Engine interface and give users a set of easy-to-use best practices to effectively set up the following policies:
The new policy engine templates are available directly from the Policy Engine page:
Groups support allows the Google Apps Domain Administrator to limit CloudLock scans to specific groups. This feature specifically addresses a Google Apps for Higher Education requirement to be able to segregate staff and faculty groups from students.
Step #1: Check for the groups you have created in the Google Administrative panel
Step #2: In CloudLock, limit the scan to desired groups only:
Note: this feature can also be useful for enterprises as an ad-hoc tool to scan a specific group for troubleshooting and investigative purposes.
Policy Engine Notifications
CloudLock’s content-aware policy engine can now send alerts when policies are violated. This feature allows administrators to delegate security to data owners and end-users when their documents violate policies, and sends an email summary of all data flagged by the policy.
Each policy can be set to send one or both of the following notifications:
Each notification type lets the administrator define the recipients, subject, and body of the email. Scheduling for email notifications is done in the global settings area for all policies: Settings > Policy Engine Settings
Introducing CloudLock Compliance Scan
Today we’ve announced the industry’s-first pattern matching engine that identifies, classifies, and secures very sensitive information including Personally Identifiable Information (PII) like Social Security Numbers, PCI data like Credit Card Numbers, and any custom regular expressions, allowing Google Apps customers to address auditing and compliance requirements in Google Drive (Docs).
CloudLock Compliance Scan is currently in beta. If you’d like to see it, let us know here.
Once enabled, CloudLock Compliance Scan appears as an option in the “More Actions” menu in the document browser.
The Compliance Scan lets you search for:
When the scan completes, a report classifies documents by status:
All Compliance Scans and actions are recorded in the immutable audit log.
The following guides illustrate how organizations using Google Docs and Drive can find, classify, and protect PII and PCI data:
Sorting and drill-down updates
The last updated column in the documents list is now sortable. CloudLock users can now sort documents by last update to:
The CloudLock dashboard now shows non-native files as a percentage of all documents, and users can drill-down to view all non-native Google Apps files.
Filter documents by search criteria in CloudLock’s Security Policy Engine
Users can search by:
How it Works
When you define an acceptable use policy for your organization, you can specify the additional filter criteria as you define your policy.
Content-aware policies are available in CloudLock’s Enterprise Edition. To learn more about content-aware policies or to get a demo, please fill out the form here.
In this release:
Storage Quota Reporting: We’ve just released storage quota reporting in CloudLock which includes:
See Cisco Cloudlock in action from one of our cloud security experts
Your browser version is outdated.
We would recommend you upgrade to a recent version to ensure that you have a good experience on the CloudLock site. Outdated browsers also increase your security risk. So please update your browser and come back later!
Click on the icon below to download the latest version of your browserClose