cloud access security brokers:
real world use cases
apr 7 2016

cloud and mobile are inseparable...
saas
driving corporate data outside the firewall.

STORYBOAR
security must
evolve to protect
data outside the
firewall
ungoverned
access to
corporate data in
the cloud
hidden Shadow
IT threats
sensitive cloud
data on
unmanaged
devices

STORYBOAR
CASB: a
better
approach to
cloud security
identity
discovery
data-centric
security
mobile

STORYBOAR
casb security
a data-centric approach
the new data reality requires a new security
architecture
■ cross-device, cross-platform agentless data
protection
■ granular DLP for data at rest and in motion
■ contextual access control
■ detailed logging for compliance and audit

STORYBOAR
casb discovery
gain visibility into your org’s cloud usage
■ analyze outbound data flows to
learn what SaaS apps your
organization is using
■ understand risk profiles of
different apps
■ essential in process of enabling
secure cloud app usage

STORYBOAR
managed
devices
application access access control data protection
unmanaged
devices / byod
in the cloud
Forward Proxy
ActiveSync Proxy
Device Profile: Pass
● Email
● Browser
● OneDrive Sync
● Full Access
Reverse Proxy + AJAX VM
ActiveSync Proxy
● DLP/DRM/encryption
● Device controls
API Control External Sharing Blocked
● Block external shares
● Alert on DLP events
Device Profile: Fail
● Mobile Email
● Browser
● Contextual multi-factor auth
typical use case
real-time data protection on any device

STORYBOAR
use case 1:
real-time saas data protection
■ real-time inline data protection
■ leverage proxies to control access to any
app on unmanaged devices
■ external sharing control via API
■ integrated data leakage prevention

STORYBOAR
secure
office 365
+ byod
client:
■ 35,000 employees globally
challenge:
■ Inadequate native O365 security
■ Controlled access from any device
■ Limit external sharing
■ Interoperable with existing infrastructure,
e.g. Bluecoat, ADFS
solution:
■ Real-time data visibility and control
■ DLP policy enforcement at upload or
download
■ Quarantine externally-shared sensitive
files in cloud
■ Controlled unmanaged device access
fortune 50
healthcare
firm

STORYBOAR
client:
■ 15,000 employees in 190+ locations
globally
challenge:
■ Mitigate risks of Google Apps adoption
■ Prevent sensitive data from being stored
in the cloud
■ Limit data access based on device risk
level
■ Govern external sharing
solution:
■ Inline data protection for unmanaged
devices/BYOD
■ Bidirectional DLP
■ Real-time sharing control
secure
google
apps +
byod
business
data giant

STORYBOAR
use case 2: achieve regulatory compliance
■ upload + download dlp and encryption
■ protect regulated cloud data on byod
■ control over external share & sync
■ leverage integrated identity management
to ensure secure auth

STORYBOAR
US
hospital
system
client:
■ 7000 employees in southeastern US
challenge:
■ Require HIPAA compliance with move to
public cloud
■ Respect user privacy
■ Support future O365 migration
solution:
■ DLP policies applied to PHI
■ Selective wipe, enforce device PIN and
encryption
hipaa
compliant
byod

STORYBOAR
use case 3: agentless byod security
■ secure devices without invasive profiles or
certificates
■ protect “unwrappable” cloud and native
apps
■ selectively wipe corporate data
■ enforce device security policies
■ full data control and visibility for IT

STORYBOAR
client:
■ 8000 employees
■ s&p 500
challenge:
■ Lack of adherence to BYOD security
measures
■ Failed MobileIron and SAP Afaria
deployments
solution:
■ Bitglass Agentless – device / OS
independent
■ Fast deployment
■ Logging for compliance with internal data
security policies
■ Seamless integration with
ActiveDirectory
fortune 500
beverage
co.
byod
security

STORYBOAR
our
mission
total
data
protection est. jan
2013
100+
customers
tier 1
VCs

STORYBOAR
our
solutions
cloud mobile breach
16

resources:
more info about cloud security
■ bitglass report: cloud adoption by industry
■ case study: UNC Charlotte secures dropbox
■ case study: fortune 100 healthcare firm secure O365

STORYBOAR
bitglass.com
@bitglass