ISC(2) Security Briefing Part 2 - CASBs: Real-world use cases

Marketing Manager à Bitglass
30 Mar 2016

Contenu connexe

Similaire à ISC(2) Security Briefing Part 2 - CASBs: Real-world use cases(20)


ISC(2) Security Briefing Part 2 - CASBs: Real-world use cases

  1. cloud access security brokers: real world use cases apr 7 2016
  2. cloud and mobile are inseparable... saas driving corporate data outside the firewall.
  3. STORYBOAR security must evolve to protect data outside the firewall ungoverned access to corporate data in the cloud hidden Shadow IT threats sensitive cloud data on unmanaged devices
  4. STORYBOAR CASB: a better approach to cloud security identity discovery data-centric security mobile
  5. STORYBOAR casb security a data-centric approach the new data reality requires a new security architecture ■ cross-device, cross-platform agentless data protection ■ granular DLP for data at rest and in motion ■ contextual access control ■ detailed logging for compliance and audit
  6. STORYBOAR casb discovery gain visibility into your org’s cloud usage ■ analyze outbound data flows to learn what SaaS apps your organization is using ■ understand risk profiles of different apps ■ essential in process of enabling secure cloud app usage
  7. STORYBOAR managed devices application access access control data protection unmanaged devices / byod in the cloud Forward Proxy ActiveSync Proxy Device Profile: Pass ● Email ● Browser ● OneDrive Sync ● Full Access Reverse Proxy + AJAX VM ActiveSync Proxy ● DLP/DRM/encryption ● Device controls API Control External Sharing Blocked ● Block external shares ● Alert on DLP events Device Profile: Fail ● Mobile Email ● Browser ● Contextual multi-factor auth typical use case real-time data protection on any device
  8. STORYBOAR use case 1: real-time saas data protection ■ real-time inline data protection ■ leverage proxies to control access to any app on unmanaged devices ■ external sharing control via API ■ integrated data leakage prevention
  9. STORYBOAR secure office 365 + byod client: ■ 35,000 employees globally challenge: ■ Inadequate native O365 security ■ Controlled access from any device ■ Limit external sharing ■ Interoperable with existing infrastructure, e.g. Bluecoat, ADFS solution: ■ Real-time data visibility and control ■ DLP policy enforcement at upload or download ■ Quarantine externally-shared sensitive files in cloud ■ Controlled unmanaged device access fortune 50 healthcare firm
  10. STORYBOAR client: ■ 15,000 employees in 190+ locations globally challenge: ■ Mitigate risks of Google Apps adoption ■ Prevent sensitive data from being stored in the cloud ■ Limit data access based on device risk level ■ Govern external sharing solution: ■ Inline data protection for unmanaged devices/BYOD ■ Bidirectional DLP ■ Real-time sharing control secure google apps + byod business data giant
  11. STORYBOAR use case 2: achieve regulatory compliance ■ upload + download dlp and encryption ■ protect regulated cloud data on byod ■ control over external share & sync ■ leverage integrated identity management to ensure secure auth
  12. STORYBOAR US hospital system client: ■ 7000 employees in southeastern US challenge: ■ Require HIPAA compliance with move to public cloud ■ Respect user privacy ■ Support future O365 migration solution: ■ DLP policies applied to PHI ■ Selective wipe, enforce device PIN and encryption hipaa compliant byod
  13. STORYBOAR use case 3: agentless byod security ■ secure devices without invasive profiles or certificates ■ protect “unwrappable” cloud and native apps ■ selectively wipe corporate data ■ enforce device security policies ■ full data control and visibility for IT
  14. STORYBOAR client: ■ 8000 employees ■ s&p 500 challenge: ■ Lack of adherence to BYOD security measures ■ Failed MobileIron and SAP Afaria deployments solution: ■ Bitglass Agentless – device / OS independent ■ Fast deployment ■ Logging for compliance with internal data security policies ■ Seamless integration with ActiveDirectory fortune 500 beverage co. byod security
  15. STORYBOAR our mission total data protection est. jan 2013 100+ customers tier 1 VCs
  16. STORYBOAR our solutions cloud mobile breach 16
  17. resources: more info about cloud security ■ bitglass report: cloud adoption by industry ■ case study: UNC Charlotte secures dropbox ■ case study: fortune 100 healthcare firm secure O365
  18. STORYBOAR @bitglass

Notes de l'éditeur

  1. but in building out our product, we realized that mobile security is also cloud security.
  2. we think CASBs provide a better approach to cloud security. It starts with discovery.
  3. Competition: Skyhigh, Netskope, Adallom
  4. Competition: Skyhigh, Netskope, Cloudlock, Elastica/Bluecoat
  5. 2500 employees
  6. Competition: AirWatch/VMWare
  7. in: CA, NY, MA, IL, N