Data Risk Recommendations
Focus
Focus
Enterprise DLP

Data Risk Recommendations

Table of Contents

Data Risk Recommendations

Improve your security posture by implementing security recommendations based on your organization's data risk.
Data Risk Recommendations are currently in Beta. Palo Alto Networks is continuing to expand and add more granular recommendations.
Where Can I Use This?What Do I Need?
  • NGFW (Managed by Strata Cloud Manager)
  • Prisma Access (Managed by Strata Cloud Manager)
  • Enterprise Data Loss Prevention (E-DLP) license
    Review the Supported Platforms for details on the required license for each enforcement point.
Or any of the following licenses that include the Enterprise DLP license
  • Prisma Access CASB license
  • Next-Generation CASB for Prisma Access and NGFW (CASB-X) license
  • Data Security license
Data Risk provides configuration change recommendations to help improve your data security posture. These contextual recommendations are based on the current data risk model and data assets inspected by Enterprise DLP. These recommendations are sorted based on those that will have the highest impact on your organization's Data Risk score. Additionally, recommendations are at a group or platform level and may include multiple data assets, applications, or users.
For example, Enterprise DLP has detected that a sensitive data asset has been uploaded to an Unsanctioned application and that this is a major contributor to reducing your overall Data Risk Summary score. In this scenario, remediation steps may be to create or update a Security policy rule to block access to the unsanctioned application. Conversely, if this application is incorrectly tagged as Unsanctioned, the remediation may be to update the application tag.
  1. Log in to Strata Cloud Manager.
  2. Analyze the Data Risk Dashboard.
    Analyze the data risk dashboard to identify data security hotspots where data risk may be high and needs priority attention.
    1. Review your Risk Summary to get an assessment of your overall security posture.
    2. Review your Risk Breakdown and navigate through the Risk Breakdown tree to explore potential data security risks across your control points, applications, and data profiles.
      By default, the Risk Breakdown displays the path where data risk is highest.
    3. View Related Incident or View Asset to view more details about the specific DLP incident or data asset.
      This allows you to review the individual incident or asset and take the necessary action.
  3. Take a recommended action.
    1. View Asset to learn more about the data asset contributing to risky data security behavior on your network.
    2. View App Details to learn more about the application contributing to risky data security behavior on your network.
    3. Make configuration changes based on the app and asset details.
      For example, you may need to create or update a Security policy for a specific application to better control access or update the tag on an app to reduce your data risk.