Hear from our internal security team as they share how we use Enterprise Browser to provide the granular visibility and control needed to secure all web activity at Netskope.
We will cover:
-
Preventing Data Loss (DLP): How to enforce real-time policies to stop data exfiltration by controlling copy/paste, screen captures, file downloads, and printing, all within the Enterprise Browser.
-
Securing Unmanaged Devices: Strategies for safely enabling BYOD and third-party contractor access to corporate apps without requiring an installed agent or VDI.
-
Advanced Threat Protection: Blocking phishing, malware, and malicious websites at the browser level before they can impact the endpoint or network as well as control 3rd party browser extensions.
-
Enforcing Zero Trust Access: Integrating with your identity provider to apply adaptive access controls and ensure only authorized users access specific applications.
For more information, check out our blog post.
Check out some customer questions below, or feel free to comment and continue the discussion!
Q: Is this solution the same as, or overlapping with, 'NPA Browser Access AnyApp Configuration Guide'? Or, am I confusing the two?
A: Access NPA applications via RDP would be part of the Any App option, it allows for a different access port for TCP.
Q: If you configured Enterprise Browser to only allow certain applications through it, does that mean if a user tries to access that application through another browser, it will block?
A: If we are discussing access of enterprise apps, i.e. corporate Sanctioned instances of Salesforce, we would need to use our IP address ranges to restrict via the IDP, at the SaaS itself, or both. Then we would need to use real-time policies to limit certain steering methods to these applications.
Q: Can you package the extensions with the Enterprise Browser install and/or can you "push" an extension to the Enterprise Browser?
A: You can use extension governance to restrict the installation of all extensions except those which are allowed and/or mandatory. A great feature of the Netskope One Enterprise Browser is the extension governance feature.
Q: Are there any protections in place against a compromised computer pushing malicious files up through the Enterprise Browser?
A: We'll have the ability to restrict uploads and downloads on Enterprise Browser in the very near future. This is above and beyond the control we have with real-time protections. Since Netskope One Enterprise Browser is in full control of the traffic, we no longer have to rely on an app specific or the Universal Connector when it comes to web traffic.
Q: How can you control 3rd party browser extensions with a custom allowlist?
A: Enterprise Browser extensions may be controlled in the extension governance section inside the Netskope One tenant.
Q: Is it possible to quarantine Gmail emails once DLP has been violated? We would like the option to release emails that are false positives of DLP. Currently, we only see Block or Alert options.
A: In order to provide Quarantine as an action, Netskope One API Protection would need to be enabled.
