Lock Down Mobile and Cloud Data Leaks Part II. Presenter: Reza Nabavi, Director, Mobile Product Marketing Accellion, Inc. Presented at SC Magazine Virtual Trade Show.
3. Data Encryption
DATA AT REST
+
FIPS Encryption AES 128 Encrypted Encrypted
SSL
3
4. Hybrid Cloud
“For most enterprises, a
virtualized, automated on-premises
infrastructure with a hosted, elastic
option will be the best approach – the
„hybrid‟ model.”
4
-- William Fellows, Agatha Poon –
5. Roles and Rights
o User policies, profiles
o MDM integration
o Authorized access
o Authentication
5
6. 2. Give IT What They Need
• Admin console
• SAML/SSO
• File tracking & reporting
– audit trail
• DLP integration
• LDAP/AD integration
6
10. Accellion Mobile File Sharing
Enterprise-class solution that enables
secure anytime, anywhere, with
anyone, sharing of enterprise content
while ensuring security and
compliance.
12. Accellion Hybrid Deployment Architecture
Accellion Secure
Public Cloud
Accellion Secure
Private Cloud
Wireless
Network
= Mocana Wrapped Accellion Mobile App
Accellion Secure Sync = Accellion Mobile App for Good
Notes de l'éditeur
There is an old quote (or article) from Bill Gates that said Content is King (which back in late 90’s he really meant that Content is where the real money will be made on the Internet), which still holds true today. With only difference that today, it’s the Secure Content that is Kind.Everything that a mobile user does with a file, (download, upload, save, edit, send, or just keep locally) should be allowed to happen in a secure environment transparently and w/o putting add’l burden on the mobile user. In other words, a content delivery solution has to lockdown the content. Let’s look further into what I mean by this lock down of the content.
What is meant is making the data unreadable at all times except when ready to view or edit the content. That means offer industry-grade encryption for data in all of its states, while in Transit, Data while in the Cloud and even just at rest on the device.Data in Transit should be using SSL, or integrate with VPN, should encrypt content that sits in the cloud using either FIPS or AES128, and provide encryption FIPS or AES256 on data residing on the device.If the solution has satellite controllers, it should also encrypt the communication between servers and the Satellite units.This is vital, particularly for enterprises in regulated industries.
There are two types of content in an enterprise: Confidential and not so Confidential. The confidential content needs to be placed in a Cloud infrastructure that is controlled by IT, either behind the firewall or in DMZ. The not so confidential content, however, does not have to be. It can be in a public or private cloud, with the ability to interoperate with cloud behind the firewall or the DMZ.In other words, the Confidential content in the Cloud has to be locked down, where as the non confidential content doesn’t have to be. To enable this, a content delivery solution has to offer to a hybrid deployment option of on-premise, off-premise and a combination of both.This not only allows locking down cloud content leaks, it also satisfies the objectives of both categories of CIOs.Incidentally, This deployment option capability is not just a value proposition of Accellion Solution, it is also an important differentiator for Accellion; William Fellow of 451 Research Group totally supports this.
Additional security considerations that should exist in the solution include ability to:Instituting user group segmentation and access policiesBe able to integrate into Good, or Mobile Iron or BoxTone MDM environments.Authenticate Users for cloud and device access
And equally important, give IT what they need:SAML/SSOFile tracking & reporting – audit trailDLP integrationArchival integrationEnterprise content plug-insAdmin consoleFurther, the solution should integrate with existing corporate directory implementations such as LDAP and AD.
To an average mobile biz user, it must look like it is just a simple Mobile app that one downloads from the App Store. But it talks to a back-end.That back-end has to be Enterprise ClassIt must be scalable, offer availability and redundancy, but speed of delivery of content to a large number of mobile business users out-of-the-box, and still provide room for growth.Most solutions today begin to degrade beyond a couple of thousands of subscribers. Accellion’s offering maintains the same delivery performance for organizations of 100,000+ mobile users.
Solution Capabilities:Secure Mobile File Access & SharingSecure file access, viewing and sharing of Enterprise Content on smart phones and tablets. Secure CollaborationFlexible secure file sharing capabilities for project teams, virtual data rooms and deal rooms. Secure File TransferSecure delivery of files/folders up to 100GB to internal and external recipientsTransparent access to content that resides in existing ECM repositoriesFile Sync *New Accellion Feature*File syncing via the cloud on your entire file system, or a portion of it, or even On-demand..
Cross PlatformToday’s BYOD users have the broadest range of devices. They include everyone, with a variety of smartphones and tablets across multiple mobile platforms. The mobile app must run on all popular platforms, including Apple, Android and BlackBerry OS, which basically covers 95% of mobile devices in use today by business users.And obviously be an enabler, intuitive to use, in terms of mobile user experience and human interface with the mobile apps and the Web interface.
I am now going to spend a couple of slides on who Accellion is:What we provide isan enterprise-class mobile file sharing solution that enables secure anytime, anywhere with anyone access to informationwhile ensuring enterprise security and compliance.
We focus on secure delivery and control of content that is used by mobile users. How we implement this is simply by providing a container within which mobile users can access content, with their popular mobile devices. It is transparent to the mobile user, but offers a secure environment.All content accessed by Accellion mobile apps--whether the app is running on an iPhone, iPad, Android or BlackBerry device; and all content accessed from an Accellion Cloud--whether it is a private, public or hybrid Cloudis kept in a container that is encrypted and can only be accessed by that authenticated user. It can not leak out, as long as it is in that container.
We are a private company with HQ in Palo Alto. We were founded in 1999 and today have over 1400 Enterprise Customers and 9M Enterprise users.Our solution is a robust enterprise offering and has gone through many years of innovation and maturity, and has received several Excellence Awards by Tech-Ed, Network Computing and three times by Info Security, most recent of which was a Trend Setter award by Info Tech in June 2012, where we beat Dropbox, YouSendIt, and Box who did not pass the screening test. That is why we currently enjoy a 96% loyalty rate by our customers. That is to say, 96% of our customers renew their licenses with us.http://www.sfgate.com/business/prweb/article/Info-Tech-Research-Group-Urges-Businesses-to-3678851.php