Netskope - Web and Cloud Security

Service scope

Software add-on or extension: Yes, but can also be used as a standalone service
What software services is the service an extension to: Netskope provides an open architecture with plug-ins for 30+ partners. A validated solution in the Microsoft 365 Networking Partner Program and supports the Networking Connectivity Principles for M365. As your organization adopts Microsoft Cloud, Netskope can deliver protection to your users and data based upon the principles of Zero Trust.
Cloud deployment model: Public cloud

Private cloud

Hybrid cloud
Service constraints: No
System requirements: Windows

MacOS

User support

Email or online ticketing support: Email or online ticketing
Support response times: Basic Support: P4 (Low) - 5 business days; P3 (Normal) - 2 business days; P2 (High) - 1 business day; P1 (Urgent) - <2 business hours
Premium Support: P4 - <24 hours; P3 - <8 hours; P2 - <2 hours; P1 - <30 minutes
User can manage status and priority of support tickets: Yes
Online ticketing support accessibility: None or don’t know
Phone support: Yes
Phone support availability: 24 hours, 7 days a week
Web chat support: No
Onsite support: No
Support levels: We offer Basic services for 8-5, Monday through Friday support as well as Premium and Premium Plus Service options for customers who require 24/7 365 day support combined with advanced engagement and planning services.
Support available to third parties: No

Onboarding and offboarding

Getting started: Activation: We’ll partner with you to plan and deploy your Netskope cloud security solutions from start to finish. Our Professional Services team is all set to work through your Activation so that you’re realizing value from our investment.
Working with your Business: The team follows customer use cases to establish its approach to Netskope deployment and integrations. Working closely with your team, we’ll get your tenant stood up and data flowing.
Integration with Customer Success: We work hand-in-hand with our teammates in the Technical Customer Success team to understand your business requirements and goals with your security solutions. Following Activation, we’ll provide guidance for policy and reporting set-up as your Netskope Adoption grows. Customer Success: We’re here to help. As a Netskope customer, we offer Technical Success Manager support and are committed to your success. We’ll use your use cases to work with you to establish security policies and reporting. Great resources and collaboration from Netskope experts will allow you to realize Netskope’s value.
Netskope Cloud Security Training and Workshops available as self-paced training or instructor-led workshops for value-add services to ensure clients are getting the full use out of their platform.
Service documentation: Yes
Documentation formats: HTML

PDF
End-of-contract data extraction: Administrators will need to email Privacy@netskope.com where all the details needed to complete the process shall the given. Details of the complete process are available upon request.
End-of-contract process: When a customer contract expires and is not renewed or at POC completion, processes are in place to ensure full and proper data migration and secure deletion of customer data. A full and complete data removal process including backups are rotated out after 30 days from contract termination.

Using the service

Web browser interface: Yes
Supported browsers: Microsoft Edge

Firefox

Chrome

Safari
Application to install: Yes
Compatible operating systems: Android

IOS

Linux or Unix

MacOS

Windows

Other
Designed for use on mobile devices: Yes
Differences between the mobile and desktop service: Netskope mobile client extends Netskope security protection to mobile devices and harmonizes security controls between desktop and mobile environments. With the Netskope mobile client, customers can access a range of Netskope security services, including Cloud Access Security Broker (CASB), Data Loss Prevention (DLP), Secure Web Gateway (SWG),
Service interface: Yes
User support accessibility: WCAG 2.1 A
Description of service interface: The Netskope user interface (UI) and dashboards provide administrative controls for account management and traffic steering, visibility into network activities, and analytics to help you define policies to protect your enterprise from security violations. The following sections explain how to use the primary pages of the Netskope UI.
Accessibility standards: WCAG 2.1 A
Accessibility testing: Netskope's UI is partially compatible with Accessibility standards and is actively working on the accessibility requirements to be compliant with WCAG 2.1 in 2024
API: Yes
What users can and can't do using the API: Netskope provides REST APIs to the Netskope console to allow data requests such as events, alarms, and reports. API documentation is available through the "help" section of the Netskope console.
API documentation: Yes
API documentation formats: Open API (also known as Swagger)

HTML

PDF
API sandbox or test environment: No
Customisation available: Yes
Description of customisation: Netskope Administrators can customise the following: Web categories, DLP Profiles, User alerts & notifications, User attributes, Netskope UI Customised Dashboards, Customised Reports and more, See documentation for a full list of available customisations.

Scaling

Independence of resources: Netskope sits on dedicated cloud infrastructure scaled appropriately to each customers requirements. One or more tenants can be provisioned across several points of presence spread between different geographical locations for availability.

Analytics

Service usage metrics: Yes
Metrics types: Netskope provides organizations with a 360° view of their cloud risk posture covering applications, users, and data within the Netskope UI. It provides security operations teams with the ability to quickly measure and analyse their organization’s cloud and web use. For example, you can monitor the traffic speeds from your Netskope tenant and identify latency issues using real-user traffic monitoring and analysis.
Reporting types: API access

Real-time dashboards

Regular reports

Reports on request

Resellers

Supplier type: Reseller providing extra support
Organisation whose services are being resold: Netskope

Staff security

Staff security clearance: Conforms to BS7858:2019
Government security clearance: Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations: Yes
Data storage and processing locations: United Kingdom

European Economic Area (EEA)

Other locations
User control over data storage and processing locations: Yes
Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency: At least once a year
Penetration testing approach: Another external penetration testing organisation
Protecting data at rest: Physical access control, complying with SSAE-16 / ISAE 3402

Scale, obfuscating techniques, or data storage sharding
Data sanitisation process: Yes
Data sanitisation type: Explicit overwriting of storage before reallocation
Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach: Administrators can schedule and export custom reports, as well as leverage the Netskope API to access additional data and metrics
Data export formats: CSV

Other
Other data export formats: PDF
Data import formats: CSV

Data-in-transit protection

Data protection between buyer and supplier networks: TLS (version 1.2 or above)

IPsec or TLS VPN gateway
Data protection within supplier network: TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability: Availability target is 99.9% or above. SLAs and related support terms including credits are available at https://www.netskope.com/support-terms
Approach to resilience: Netskope operates a highly redundant distributed cloud platform with auto-failover. Netskope operates its platform on private cloud infrastructure that is not reliant on the public cloud.
Outage reporting: Service outages are communicated through the Netskope customer support portal. Customers can sign up for automated email alerts and visit https://trust.netskope.com/

Identity and authentication

User authentication needed: Yes
User authentication: 2-factor authentication

Identity federation with existing provider (for example Google Apps)

Username or password
Access restrictions in management interfaces and support channels: All logical access including remote access to the Netskope production platform and networking devices requires unique individual user accounts and are controlled using secured VPN and bastion hosts enabled with multi-factor authentication through a federated identity management system.
Access restriction testing frequency: At least once a year
Management access authentication: 2-factor authentication

Identity federation with existing provider (for example Google Apps)

Username or password

Audit information for users

Access to user activity audit information: Users have access to real-time audit information
How long user audit data is stored for: Between 1 month and 6 months
Access to supplier activity audit information: You control when users can access audit information
How long supplier audit data is stored for: At least 12 months
How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification: Yes
Who accredited the ISO/IEC 27001: CoalFire Cert Inc
ISO/IEC 27001 accreditation date: 15/11/2023
What the ISO/IEC 27001 doesn’t cover: The scope of the ISO/IEC 27001:2013 is limited to the security management system (ISMS) supporting the documented policies, procedures and controls implemented at the organisations worldwide corporate headquarters and supplemented by the locations listed with the certificate, in accordance with the Statement of Applicability, and aligned with ISO/IEC 27018:2019. The ISMS preserves the confidentiality, integrity, and availability (CIA), and privacy information assets for the Netskope Cloud Security Services Platform. The department scope includes Netskope's human resources, information security, information technology, infrastructure operations, engineering, and corporate information technology teams affecting the ISMS
ISO 28000:2007 certification: No
CSA STAR certification: Yes
CSA STAR accreditation date: 25/11/2023
CSA STAR certification level: Level 2: CSA STAR Attestation
What the CSA STAR doesn’t cover: The scope of the ISO/IEC 27001:2013 is limited to the security management system (ISMS) supporting the documented policies, procedures and controls implemented at the organisations worldwide corporate headquarters and supplemented by the locations listed with the certificate, in accordance with the Statement of Applicability, and aligned with ISO/IEC 27018:2019. The ISMS preserves the confidentiality, integrity, and availability (CIA), and privacy information assets for the Netskope Cloud Security Services Platform. The department scope includes Netskope's human resources, information security, information technology, infrastructure operations, engineering, and corporate information technology teams affecting the ISMS.
PCI certification: No
Cyber essentials: Yes
Cyber essentials plus: Yes
Other security certifications: Yes
Any other security certifications: AICPA SOC 2 Type 2

ISO 27001:2013 / ISO 27017:2015 / ISO 27018:2019

TRUSTe Privacy Certification

Cloud Computing Compliance Controls Catalog (C5)

Security governance

Named board-level person responsible for service security: Yes
Security governance certified: Yes
Security governance standards: ISO/IEC 27001
Information security policies and processes: Netskope have a documented set of Information Security policies that are sponsored and approved by senior management; published and available to all employees on an internal intranet page; and required to be read and acknowledged on hire and at least annually as part of the Netskope Security Awareness program. Netskope's Information Security Policies are in alignment with the AICPA Security, Availability and Confidentiality trust principles, ISO 27001, ISO 27018, and CSA STAR certifications. Netskope SOC 2 and SOC 3 reports provide additional details on the specific control activities executed by Netskope.

Operational security

Configuration and change management standard: Supplier-defined controls
Configuration and change management approach: Changes to the production system are controlled through Netskope’s change management process. The process includes steps for originating a change request, capturing test results, and capturing the results of implementing the change request. Each of these steps must be reviewed and approved by management. All change requests are tracked in Netskope’s change request tracking system.
Vulnerability management type: Supplier-defined controls
Vulnerability management approach: Netskope additionally performs network perimeter, internal, and application security vulnerability scans and testing on a continuous basis using industry-recognized tools and processes.
Protective monitoring type: Supplier-defined controls
Protective monitoring approach: Netskope maintains a comprehensive set of network and application security controls, including perimeter routers and firewalls enabled with ACLs, DDoS protection, certificate-based authentication, and logging/monitoring controls to limit and monitor inbound network traffic. The internal network is also segmented into zoned VLANs and DMZs to limit external access to only authorized systems. Netskope uses various internal and external monitoring systems to identify and alert for any unusual, suspicious, or malicious activities.
Incident management type: Supplier-defined controls
Incident management approach: Netskope has developed and implemented an incident response plan that includes standardized notification and communications processes. The plan is reviewed as a part of the SOC 2 audit. Incidents are reviewed as identified and escalated into the incident response process on confirmed incidents or breaches.

Secure development

Approach to secure software development best practice: Conforms to a recognised standard, but self-assessed

Public sector networks

Connection to public sector networks: No

Social Value

Fighting climate change

We take our environmental management and the impact we have on the environment very seriously. We have environmental policies in place and hold the ISO14001 accreditation. Our environmental assessments are conducted annually by an external Lead ESOS Assessor; they are signed-off by the board and compliance reported to the regulator (the Environment Agency). Our environmental policy is published on our website at https://www.bytes.co.uk/company/sustainability/environmental.
Bytes achieved carbon net zero in March 2022 through approved carbon offsetting schemes. We are always seeking to reduce our impact on the environment. We aim to minimise waste, reduce pollutants and use renewable materials. Our offices have recycling facilities for cans, plastic and paper. We aim to reduce our office printing to zero within the next few years.
An Environmental Steering Committee has been established to coordinate environmental activities and drive change.
To drastically reduce our emissions, we have switched to renewable energy. Our Head Office has reached our first milestone of using a specialist 100% renewable electricity provider. We are also exploring options to install solar panels on our Headquarters building.
Other environmental initiatives include installing electric vehicle charging points and encouraging staff to commute to work without the car (setting up a car share network and installing secure cycle parking).
We produce a SECR (Streamlined Energy and Carbon Reporting) report that details the companies energy consumption and carbon emissions. This report is produced annually by an independent assessor.
This report provides details of our emissions in Scope 1, 2 and 3 categories. It details the activities previously taken to reduce emissions and also recommendations for further improvements.
For scope 1,2 and 3 emissions we aim to reduce these by 50% by 2025-2026 from our 2021 baseline.
We aim to be Net Zero by 2040, covering our own operational emissions.

Pricing

Price: £9.00 a unit a month
Discount for educational organisations: No
Free trial available: No

Netskope - Web and Cloud Security

Features

Benefits

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Pricing

Service documents

Cookies on Digital Marketplace

Netskope - Web and Cloud Security

Features

Benefits

Pricing

Service documents

Framework

Service ID

Contact

Service scope

User support

Onboarding and offboarding

Using the service

Scaling

Analytics

Resellers

Staff security

Asset protection

Data importing and exporting

Data-in-transit protection

Availability and resilience

Identity and authentication

Audit information for users

Standards and certifications

Security governance

Operational security

Secure development

Public sector networks

Social Value

Pricing

Service documents