Shadow cloud services, like Facebook, are accessed by employees but aren't specifically sanctioned for use by their employer. McAfee MVISION Unified Cloud Edge (UCE) allows you to apply Data Loss Prevention (DLP) policies to Shadow cloud services or Web/URL categories to make sure that sensitive data is not exfiltrated by regular user access.
Shadow/Web DLP policies are enforced via the inline forward proxy, whereas Sanctioned DLP policies are enforced through the API.
The key benefits of using UCE Shadow/Web DLP are:
- Real-time enforcement. Shadow/Web DLP Policies are enforced in real-time before data leaves the corporate perimeter
- Unified Classifications. Use the provided McAfee Classifications or create Custom Classification, and leverage them across the cloud and on-premise ePO.
- Unified Incidents. Shadow/Web DLP policies evaluate outgoing data, and upon finding violations, they produce incidents that you can view in MVISION Cloud on the MVISION Cloud Policy Incidents page, along with other incidents related to DLP, Configuration Audit, and Connected Apps.
Create Shadow/Web DLP policies using the MVISION Cloud Policy Wizard.
For more information on UCE, see McAfee Unified Cloud Edge.