Prevent data loss due to insider threats and compromised accounts and protect data to meet stringent regulatory compliance and data privacy requirements
Z Services CASB Threat Protection analyzes user activity in Salesforce across multiple heuristics, detects threats, and automatically takes risk-mitigating action. The built-in threat resolution workflow provides a complete audit trail of all user activity to support forensic investigations. As threats are resolved, Z Services CASB automatically incorporates this data into its behavioral models to improve detection accuracy.
Z Services CASB’s machine learning algorithms model typical behavior for a user, group, and time period to detect negligent and malicious behavior, such as an employee downloading sales contacts before leaving for a competitor. The solution also identifies privileged users viewing data outside of their role, degrading security settings, and creating dummy accounts for third-party access.
Z Services CASB identifies compromised accounts based on consecutive login attempts from two locations in a time period implying impossible travel, login attempts from untrusted locations, and brute force login attempts. The solution also identifies user credentials for sale on the Darknet, revealing accounts at high-risk of compromise to support targeted password update reminders.
Z Services CASB enables enterprises to protect structured and unstructured data leveraging Salesforce’s native 256- bit AES encryption. Z Services CASB integrates with KMIP- compliant key management solutions, on-premises or in the cloud, to broker the use of enterprise-controlled encryption keys across multiple Salesforce instances.
Z Services CASB enforces fine-grained access policies, such as allowing contact lookup on unmanaged devices but preventing report downloads to devices without appropriate endpoint security. Z Services CASB can also integrate with rights management solutions and apply IRM protection to files downloaded from Salesforce so that data is protected anywhere.
Z Services CASB enforces DLP policies across data at rest and in motion in standard and custom fields, files, and Chatter posts. Remediation options include user coaching, block, encrypt, administrator notification, and delete. Z Services CASB supports pre-built, industry-specific DLP templates and custom policies based on data identifiers, keywords, user groups, and regular expressions. Policy Violation Management provides a unified interface for reporting with a highlighted excerpt revealing the exact content that triggered the DLP violation.