Adoption of G Suite has increased year over year. Despite this increased adoption, securing data still remains a challenge as employees want access to cloud apps from any device, anywhere. In this webinar, we will discuss the the security gaps within G Suite and how to give power back to your security team through tools that provide visibility and control of your data across all of your cloud apps.

1. webinar
july 12
2017
G Suite

2. STORYBOAR
G Suite is the fastest growing SaaS productivity suite:
deployed in over a third of organizations
2015
google apps
office 365
other
16.3%
7.7%
76%
22.8%
25.2%
52%
40.7%
24.5%
34.8%
2016

3. poll:
what are your
g suite
adoption plans?

4. STORYBOAR
a security balancing act:
empower users, maintain control
■ Visibility and control over corporate data in G Suite
■ Prevent unauthorized access
■ Limit external sharing
■ Restrict access on unmanaged devices
○ Managing Google Drive sync, access in risky contexts, more

5. STORYBOAR
The real risk vector
■ In an increasing number of security
breaches, findings show that user
"error" is the root cause

6. STORYBOAR
components
of g suite
security
identity
cloud
access
mobile

7. STORYBOAR
cloud:
protect data-at-rest in g suite
■ External sharing opens the door to
unintended leaks
○ API-based controls can restrict sharing
of sensitive data
■ Encryption, when needed
■ User behavior analytics, logging

8. STORYBOAR
mobile:
protect cloud data synced to any device
■ Employees have rejected MDM and MAM
■ Protect data synced/downloaded to user
devices
■ Allow different levels of mobile access
based on device type, user, etc.

9. STORYBOAR
access:
native security provides limited visibility
■ More access, greater risk of data leakage
○ Granular access controls can limit risky
access
■ DLP is critical to securing sensitive data in
risky contexts
○ Complete security solutions should be
content-aware, apply DLP at access

10. STORYBOAR
identity:
centralized identity management is key to securing data
■ Cloud app identity management should
maintain the best practices of on-prem
identity
■ Google can identify some but not all high-
risk logins
■ Prevent use of compromised credentials
with cross-app IAM, step-up MFA

11. STORYBOAR
cloud apps can be secure:
but will they protect everything?
enterprise
(CASB)
end-user devices
visibility & analytics
data protection
identity & access control
application
storage
servers
network
11

12. poll:
what cloud security
functions are most
important?

13. STORYBOAR
benefits of using a casb
g suite requires a new security
architecture
■ Cross-device, cross-application agentless
data security
■ Real-time data protection
■ Limit high-risk activities like external file
sharing, unmanaged access
■ User behavior analytics

14. STORYBOAR
managed
devices
application access mode data protection
unmanaged
devices &
mobiles
in the cloud
● profile-agent
● VPN+IP-restriction
● DLP/DRM/encryption
● Device controls, e.g PIN
● Agentless Selective wipe
● Client apps: allow/block
● Google Drive
● Gmail
● API
● Quarantine DLP
● Block external shares
● Alert on DLP events
g suite use case:
real-time inline data protection on any device
Google Drive Client
● Full access
● Browser
● ActiveSync Mail
● Client apps
● Reverse-proxy + AJAX-VM
● ActiveSync Proxy
14

15. Fortune 100
Media
Conglomerate
20K users
secure
g suite
+ byod
Challenges
■ Sensitive data stored in G Suite
■ Limited external sharing controls
Solution
■ Policies to protect financial data in real-time,
bidirectionally
■ Quarantining of data policy violations for further
review
■ Real-time inline data protection on any device

16. STORYBOAR
our
mission
total
data
protection est. jan
2013
200+
customer
s
tier 1
VCs

17. STORYBOAR
bitglass.com
@bitglass