Watch this on-demand webinar with CloudLock and OneLogin to: Identify the top five cyber threats to your cloud environment; Protect against cloud security risks using advanced user and entity behavior analysis; Streamline identity and access management; Easily automate your cloud access management process.
3. Agenda
● IT Complexity Today & Where Organizations Struggle
● Top 5 Cyber Threats to Your Cloud Environment
○ Challenge
○ Solution
○ What You Can Do Now
● CASB + IDaaS - What We Do
● Q&A
4. Increasing IT Complexity
Thousands of employees, partners,
customers, and multiple devices...
Working with many, many apps,
both in the cloud and on-premise.
6. Top 5 Cyber Threats To Your Cloud
Environment
Data
Breaches
Insider
Threats
Account
Compromises
Cloud-
Resident
Malware
Shadow IT &
Cloud-Native
Malware
Top Cyber
Threats
11. #1 Account Compromises
The Solution - IDaaS & CASB
● Eliminate need for application passwords with SSO & enforce adaptive authentication
● Dig up behavioral anomalies for signs of a compromise
● Develop procedure to remediate when a user’s account is compromised:
Detect
suspicious
activity
Enforce MFA
User proves
identity, access
granted
Attacker cannot
verify identity,
access denied
Enforce
Directory
Password Reset
12. Write down a deprovisioning plan
Tomorrow’s Task:
30
MAR
13. #2 Insider Threats
** CloudLock Cybersecurity Report: The 1%
Who Can Take Down Your Organization
14. #2 Insider Threats
● Louise was refused the promotion she
applied for. Louise quit.
● Before quitting, she downloads all customer
lists and contracts she can find on Google
Drive.
● 18 months later, Louise’s account downloads
2 more contracts.
What This Looks Like
PII
16. #2 Insider Threats
The Solution - IDaaS & CASB
● Proactively enforce appropriate access with
IDaaS based on existing AD user groups
● Monitor for employees-gone-rogue by
looking for off-normal SaaS activity
● Take an action - communicate, suspend
access, enforce authentication across cloud
platforms
● Be mindful of dormant accounts from ex-
employees, contractors, and partners.
All Employees:
Sales:
HR:
Finance:
18. #3 Cloud-Resident Malware
● Bob receives a phishing email from his “boss” asking
him to review a malware infected PDF.
● Bob believing the file is legitimate, saves it to his
team’s folder storage in Sharepoint
● Sharepoint synchronizes the file across all team
member’s devices thereby automatically propagating
the malware.
What This Looks Like
20. #3 Cloud-Resident Malware
Proactively enforce
appropriate access
with IDaaS
provisioning engine
Leverage CASB to discover
malware inside SaaS apps
Take an action, remove
malware
Step up authentication
policies
The Solution - IDaaS & CASB
21. Kick off a phishing awareness campaign
Tomorrow’s Task:
30
MAR
22. #4 Shadow IT and Cloud-Native Malware
● Charlie’s organization has more connected
cloud apps than there are minutes in the
year. Some are good, some are bad, some
are ugly.
● Charlie’s colleague authenticates into
“Mocusign” using corporate credentials
● An external 3rd party now has access
Charlie’s Docusign username and password.
● Docusign data and any other applications
accessible with this same set of credentials
are now exposed.
What This Looks Like
25. #4 Shadow IT and Cloud-Native Malware
The Solution - IDaaS & CASB
● Audit firewall logs in CASB
● Audit oauth connected apps in CASB
● Review Unsanctioned App Ratings
○ Detect, block & blacklist malicious apps
○ Ensure low-rated apps are not
provisioned within IDaaS
● Sanction productivity apps and provision
access in IDaaS
** CloudLock Cybersecurity Report: The
Extended Parameter
26. #4 Shadow IT and Cloud-Native Malware
** CloudLock Cybersecurity Report: The
Extended Parameter
The Solution - IDaaS & CASB
● Sanctioned Apps
○ Monitor for license compliance and
bandwidth
● Eliminate app passwords with SSO and set
up automatic app access permissions
rules and mappings based on user roles
and groups
27. Audit Top 250 apps on firewall logs
Tomorrow’s Task:
30
MAR
29. #5 Data Breaches
● Francisco accidentally shares the company’s
upcoming product design files to Matthew’s
personal email address instead of his
corporate account.
● Matthew’s personal address may get hacked
● Matthew may leave the company tomorrow
● Francisco will never realize such sensitive
data is exposed
What This Looks Like
Personal Account
Hacked
App/Access
Locked Down
Unknown
Sent files to
personal email
31. #5 Data Breaches
The Solution - IDaaS & CASB
● Leverage IDaaS to ensure appropriate
entitlements for applications with sensitive data,
restricting access via intelligent SAML
configurations
● Leverage CASB to detect and remediate
improperly shared data
● Selectively encrypt data
● Tie CASB and IDaaS security policies for
immediate mitigation of suspicious behavior
Policy Apps
32. Tomorrow’s Tasks:
30
MAR
Get all business owners
in a room to redefine
what is sensitive.
Educate end users
on safe sharing.
Do’s & Don’t.
33. Lessons Learned
IDaaS and CASB together enable a complete sanctioned IT solution
● Be proactive against the top 5 cyber security threats
● IDaaS and CASB protect both admins and end-users
● CASB identifies misuse of services
● IDaaS enables easy access to all sanctioned applications, based on user
permissions - e.g. enables HR to do HR tasks without IT friction