The Zscaler Data Protection Tour: Controlling Personal Apps with Tenant Restrictions

In this blog series, we are taking our readers on a tour of various challenges to enterprise data security. As we do so, we will detail the ins and outs of each subject, describe why they all matter when it comes to keeping sensitive information safe, and explain how your organization can thoroughly and easily address each use case with Zscaler technologies—like its cloud access security broker (CASB), data loss prevention (DLP), and more.

In each installment of this series, a brief video will accomplish the above while presenting a succinct demonstration in the Zscaler user interface, concretely showing how you can protect your data. 

Prior topics include shadow IT, risky file sharing, and SaaS misconfigurations. The topic today is:

Noncorporate SaaS tenants

While blocking certain unsanctioned cloud applications can be a helpful method of protecting users and data in some scenarios, this approach is not capable of solving more granular use cases. Specifically, if a user leverages a personal instance of Google Drive, but the enterprise leverages a sanctioned, corporate instance of Google Drive, then blocking the app entirely will significantly disrupt business operations. 

Fortunately, Zscaler inline CASB delivers SaaS tenancy controls that address this problem. The solution can distinguish personal and third-party cloud app instances from the enterprise’s tenants. According to predefined policy, these noncorporate instances can then be blocked automatically or, for a less stringent approach, be rendered read-only to prevent file uploads and data leakage. See how it works in the demo below. 

Want to see other security challenges that our CASB can solve? Download the Top CASB Use Cases ebook.