CASBs - A New Hope

Marketing Manager à Bitglass
13 Dec 2016

Contenu connexe


CASBs - A New Hope

  1. CASBs: A New Hope A long time ago in a CISOs old security strategy
  2. STORYBOARDS enterprise (CASB) end-user devices visibility & analytics data protection identity & access control application storage servers network CASBs secure data across any cloud app app vendor
  3. STORYBOARDS shadow IT The clone wars: In the beginning before the republic was sabotaged by the empire: Translation - Shadow IT was all we knew
  4. STORYBOARDS shadow IT gain visibility into your org’s cloud usage ■ Identify unsanctioned apps in use in your organization ○ Understand risk profiles of these frequently used apps ■ Intelligent, time-saving alerts out of the box
  5. STORYBOARDS shadow IT API- based approach Revenge of the Sith: The empire began growing powerful with their management of security approach Translation - Orgs. are limited with limited API security
  6. STORYBOARDS data-at-rest in the cloud api control visibility and control of cloud data ● DLP scans & quarantine ● modify sharing permissions ● watermark, DRM, redact, encrypt ● proxy-accelerated API-scans 6
  7. STORYBOARDS ■ BYOD blindspot - O365 DLP is not geared toward protecting data on BYOD ■ High operational overhead - Complex to configure and maintain ■ Difficult deployment - Sharepoint/OneDrive DLP integration requires Office 2016 on PCs ■ High cost - Must have top of the line license ■ Point solution - Support focused on Office 365, what about other cloud apps? office 365 native dlp: complex, costly, and doesn’t work across apps
  8. STORYBOARDS shadow IT API-based approach API + in- line A New Hope: The Rebels emerged with a new way to secure SAAS applications with an agentless in-line approach. The old republic (empire) methods were still used to maintain balance with the force.
  9. STORYBOARD how casb security works reverse proxy ■ unmanaged device controls without agents forward proxy ■ managed devices controls activesync proxy ■ secure email, calendar, etc on any mobile device ■ device level security - wipe, encryption, PIN etc
  10. STORYBOARDS casb security a data-centric approach ■ Cloud data doesn’t exist only “in the cloud” ■ IT must protect data at access and on any device ○ Granular DLP ○ Context-aware to distinguish between users, device type, more
  11. STORYBOARDS 3 top MDM vendors do not use their own product Bitglass BYOD Security Survey 2015 MDM is obsolete 67% would participate in BYOD if IT couldn’t access personal data & apps 38% of IT professionals don’t participate in their own BYOD security programs
  12. STORYBOARDS mobile security cloud and mobile are inseparable ■ IT must enable secure access to cloud apps from any device ■ BYOD poses a threat to data security due to a lack of visibility and control after download ■ CASBs accommodate user BYOD
  13. STORYBOARDS casb identity centralized identity management is key in securing data ■ CASBs offer integrated identity management across apps ■ Limit potential breaches with step-up multifactor auth for high risk logins
  14. STORYBOARDS secure office 365 + byod client: ■ 35,000 employees globally challenge: ■ Inadequate native O365 security ■ Controlled access from any device ■ Limit external sharing ■ Interoperable with existing infrastructure, e.g. Bluecoat, ADFS solution: ■ Real-time data visibility and control ■ DLP policy enforcement at upload or download ■ Quarantine externally-shared sensitive files in cloud ■ Controlled unmanaged device access ■ Shadow IT & Breach discovery fortune 50 healthcare firm
  15. STORYBOARDS ■ 15,000 employees in 190+ locations globally challenge: ■ Mitigate risks of Google Apps adoption ■ Prevent sensitive data from being stored in the cloud ■ Limit data access based on device risk level ■ Govern external sharing solution: ■ Inline data protection for unmanaged devices/BYOD ■ Bidirectional DLP secure google apps + byod business data giant
  16. STORYBOARDS about bitglass total data protection est. jan 2013 100+ customer s tier 1 VCs
  17. resources: more info about cloud security ■ whitepaper: the definitive guide to CASBs ■ report: cloud adoption by industry ■ case study: fortune 100 healthcare firm secure O365
  18. STORYBOARDS @bitglass

Notes de l'éditeur

  1. “By 2018, more than half of all bring your own device (BYOD) users that currently have an MDM agent will be managed by an agentless solution” - Gartner Inseparable
  2. Competition: Skyhigh, Netskope, Adallom
  3. Competition: Skyhigh, Netskope, Cloudlock, Elastica/Bluecoat
  4. in: CA, NY, MA, IL, N