Netskope Help

Data Protection for Azure Blob Storage

Netskope provides data protection to secure your data in Azure Blob Storage. Netskope uses DLP and Threat Protection policies to perform scans on objects in your blob storage. You must configure the DLP policies so that Netskope can scan your storage. If you have Threat Protection enabled in your Netskope tenant and have defined policies, then Netskope performs Malware scans on your blob storage.

Note

  • Netskope supports DLP scanning on Azure general-purpose v2 and Blob storage accounts only. To upgrade to a general-purpose v2 storage account, see the Azure documentation located here.

    Note

    • Netskope now supports DLP scanning on Azure Data Lake Storage Gen 2. Azure Data Lake Storage Gen2 is a set of capabilities dedicated to big data analytics, built on Azure Blob storage. To learn more, see the Azure documentation located here.

    • Netskope now supports DLP scanning on Snowflake as a service that runs on top of Azure Blob storage. To learn more, see the respective third-party documentation of Snowflake and Azure.

  • Data Protection for Azure Blob Storage feature does not support quarantine and legal hold functionalities. If you have configured a DLP or Malware quarantine profile with an external storage provider such as OneDrive, the file would be copied to that location. However, the file would not be removed from its original location in the public cloud storage, Azure Blob Storage.

The following workflow diagram provides a visual representation of the steps required to configure your Azure subscriptions for DLP Scan and Threat Protection (Malware Scan).

data-protection-for-azure.png

To learn more: Enabling Data Protection for Azure Blob Storage.