Enterprise Data Loss Prevention (E-DLP) now supports multiple new regions outside of the United
States for
Exact Data Matching (EDM) data set
uploads. This addresses the regulatory challenge of storing sensitive data within
specific geographic boundaries. Previously,
Palo Alto Networks stores all EDM data
sets exclusively in the US West-2 storage bucket. While
Palo Alto Networks ensured
General Data Protection Regulation (GDPR) compliance by hashing and encrypting EDM
data sets before upload to the Enterprise DLP EDM data set storage bucket, this
still presents compliance obstacles for organizations operating under regional data
sovereignty regulations. The support for new EDM regions requires EDM CLI app
version 4.0 or later release.
With the new region for EDM data set uploads, you can now specify the specific
geographic region where Enterprise DLP stores the EDM data set uploads. When
uploading data sets through the EDM CLI app, you specify your preferred region when
you configure the upload_config.properties file, or you
can specify a region when uploading an EDM data set using Interactive mode.
Support for new regions for EDM data set uploads is valuable if your organization
operates in regions with strict data protection laws, such as GDPR in Europe, where
personal data must remain within approved jurisdictions. While enabling regional
data storage, the feature also supports cross-boundary scanning when necessary,
allowing your data security controls to function seamlessly across your entire
organization while maintaining compliance with data residency requirements.
Additionally with the release of EDM CLI app version 4.0, Enterprise DLP no
longer supports authentication and connectivity using an authentication token. EDM
CLI app version 4.0 and later releases support EDM CLI app authentication and
connectivity using only the Client ID and Client
Secret.