Manage SaaS API Data Loss Prevention

Taking an API-based approach, SaaS API Data Loss Prevention makes use of third-party SaaS APIs (Cloud-to-Cloud) to scan and control sensitive data without having, nor needing, visibility into internet-bound traffic. As such, it is a great solution for both managed and unmanaged devices (BYOD). Using SaaS API DLP, Umbrella customers can both discover sensitive data residing in their sanctioned Cloud Services and create policies to continuously monitor those services for any addition of sensitive data or unwanted exposure to the public web or external users, and automatically remediate the exposure.

SIG Advance customers can onboard (i.e. authenticate) unlimited platform of SaaS tenants, and SIG Essential customers can onboard up to two different SaaS tenants, i.e. 2 different Microsoft 365 accounts. Organizations with nested child organizations can onboard two different SaaS tenants per child organization.

You can authorize the following platforms with SaaS API Data Loss Prevention:

• AWS S3
• Azure Storage
• Box
• Dropbox
• Google Drive
• Microsoft 365 (Sharepoint, OneDrive, and Outlook)

Note: For Microsoft Outlook, SaaS API Data Loss Protection applies to outgoing messages only. For incoming mail you can enable Cloud Access Security Broker protection; see Enable Cloud Access Security Broker Features for Microsoft 365 Tenants.

• ServiceNow
• Slack
• Webex Teams

Enable Cloud Malware Protection for Webex Teams Tenants< Manage SaaS API Data Loss Prevention > Enable SaaS API Data Loss Protection for AWS Tenants