Amazon S3 On-Demand Scanning
On-Demand Scanning now offers support for Amazon S3. Any DLP policy can be run against content in an S3 Bucket to identify violations. Once a scan is complete, you'll find S3 violations in the Policy Violations page, which allows you to filter results by AWS account or S3 Bucket. Using DLP policies You can set up email notifications for S3 violations.
Policy Templates Page
The new Policy Templates page gives you the ability to filter on Policy Templates, apply those templates to your data, and create new policies from a template. You can also filter policy templates.
Email DLP for Exchange Online (Pre-Beta)
Organizations using API-based integrations with Exchange Online can now enforce DLP policies against outbound email messages with Email DLP. This feature leverages envelope journaling in Exchange Online to forward a copy of all emails to Skyhigh CASB, where message and attachment contents are scanned and compared against DLP policies. Violations then notify your admin team. You can also configure a quarantine mailbox to receive these messages for remediation.
New Data Identifiers
The following Data Identifiers, which are available for use in DLP Policies, are new in 3.6.1:
- Taiwanese National Identification Card.
- Canadian Social Insurance Number (SIN) has an updated list of keywords.
For details, see Data Identifier Definitions.
New Email Template Variables
You can create custom Email Templates to send notifications about DLP Policies to your users. The following new variables are now available to use with some policy templates:
- First Name
- Email Recipients
- Email Subject
For more information, see Create a Custom Email Template.
Skyhigh for Shadow IT
My Dashboard (Beta)
The My Dashboard user interface has been improved to provide more information at a glance. In each Card, graph trend lines show all available data in grey, then the selected date range for the Saved View is highlighted in color.
Skyhigh for Sanctioned Apps
Skyhigh for Egnyte (Beta)
Skyhigh CASB now integrates with Egnyte via API, providing activity monitoring and DLP policy enforcement for file sharing.
Office 365 Real-Time Collaboration Control for Shared Links
In addition to the existing Folder/File Collaboration controls, 3.6.1 includes control for shared links, both configured as Share Public on Web with Link (anonymous links) and Share within Company on Web with Link (links with org-level access) in Office 365.
Amazon AWS Global Email Notification Setup
When configuring Skyhigh CASB for AWS, you can now set up a list of email addresses that will automatically receive notifications for violations of all 49 Configuration Audit policies. This avoids having to go through each policy manually to add email addresses.
Policy Incidents Page
The new Incident Management > Policy Incidents page will replace the Policy Violations page in Skyhigh CASB 3.7. It includes the new Filters and Saved Views sidebar for easy filtering and the new Collaborators view in the Details panel.
NOTE: On the Policy Incidents page, when you download a CSV file, the columns in the CSV file reflect the columns in the table as displayed, but additional columns are included at the end by default. If the default columns match those displayed, those columns come first in the CSV file, followed by the remaining default columns.
Service Name Group By for User Reports
On the Users (Beta) page, a new Service Name Group By option is available, which allows you to select to report on All Services. For details, see Schedule A Report.
Search for a User with a Salt
To search for a tokenized user name in the user's database from the Omnibar on the Users (Beta) page or the Services (Beta) page, you must provide your salt value. The salt value will be stored only for the current browser session. For details, see Search for a User with a Salt.