Data Risk Recommendations
Focus
Focus
Enterprise DLP

Data Risk Recommendations

Table of Contents

Data Risk Recommendations

Improve your security posture by implementing security recommendations based on your organization's data risk.
Data Risk Recommendations are currently in Beta. Palo Alto Networks is continuing to expand and add more granular recommendations.
Where Can I Use This?
What Do I Need?
  • Prisma Access (Managed by Strata Cloud Manager)
  • SaaS Security
  • NGFW (Cloud Managed)
  • Enterprise Data Loss Prevention (E-DLP)
    license
  • Prisma Access (Managed by Strata Cloud Manager)
    Prisma Access
    license
  • SaaS Security
    SaaS Security
    license
  • NGFW (Cloud Managed)
    —Support and
    AIOps for NGFW Premium
    licenses
Or any of the following licenses that include the
Enterprise DLP
license
  • Prisma Access
    CASB license
  • Next-Generation CASB for Prisma Access and NGFW (CASB-X)
    license
  • Data Security
    license
Data Risk provides configuration change recommendations to help improve your data security posture. These contextual recommendations are based on the current data risk model and data assets inspected by
Enterprise DLP
. These recommendations are sorted based on those that will have the highest impact on your organization's Data Risk score. Additionally, recommendations are at a group or platform level and may include multiple data assets, applications, or users.
For example,
Enterprise DLP
has detected that a sensitive data asset has been uploaded to an Unsanctioned application and that this is a major contributor to reducing your overall
Data Risk Summary
score. In this scenario, remediation steps may be to create or update a Security policy rule to block access to the unsanctioned application. Conversely, if this application is incorrectly tagged as
Unsanctioned
, the remediation may be to update the application tag.
  1. Log in to
    Strata Cloud Manager
    .
  2. Analyze the data risk dashboard to identify data security hotspots where data risk may be high and needs priority attention.
    1. Review your
      Risk Summary
      to get an assessment of your overall security posture.
    2. Review your
      Risk Breakdown
      and navigate through the Risk Breakdown tree to explore potential data security risks across your control points, applications, and data profiles.
      By default, the Risk Breakdown displays the path where data risk is highest.
    3. View Related Incident
      or
      View Asset
      to view more details about the specific DLP Incident or data asset.
      This allows you to review the individual incident or asset and take the necessary action.
  3. Take a recommended action.
    1. View Asset
      to learn more about the data asset contributing to risky data security behavior on your network.
    2. View App Details
      to learn more about the application contributing to risky data security behavior on your network.
    3. Make configuration changes based on the app and asset details.
      For example, you may need to create or update a Security policy for a specific application to better control access or update the tag on an app to reduce your data risk.

Recommended For You