Enterprise Data Loss Prevention (E-DLP) now supports multiple new regions outside of the United States for Exact Data Matching (EDM) data set uploads. This addresses the regulatory challenge of storing sensitive data within specific geographic boundaries. Previously, Palo Alto Networks stores all EDM data sets exclusively in the US West-2 storage bucket. While Palo Alto Networks ensured General Data Protection Regulation (GDPR) compliance by hashing and encrypting EDM data sets before upload to the Enterprise DLP EDM data set storage bucket, this still presents compliance obstacles for organizations operating under regional data sovereignty regulations. The support for new EDM regions requires EDM CLI app version 4.0 or later release.

With the new region for EDM data set uploads, you can now specify the specific geographic region where Enterprise DLP stores the EDM data set uploads. When uploading data sets through the EDM CLI app, you specify your preferred region when you configure the upload_config.properties file, or you can specify a region when uploading an EDM data set using Interactive mode.

Support for new regions for EDM data set uploads is valuable if your organization operates in regions with strict data protection laws, such as GDPR in Europe, where personal data must remain within approved jurisdictions. While enabling regional data storage, the feature also supports cross-boundary scanning when necessary, allowing your data security controls to function seamlessly across your entire organization while maintaining compliance with data residency requirements.

Additionally with the release of EDM CLI app version 4.0, Enterprise DLP no longer supports authentication and connectivity using an authentication token. EDM CLI app version 4.0 and later releases support EDM CLI app authentication and connectivity using only the Client ID and Client Secret.