Date post: | 18-Feb-2017 |
Category: |
Technology |
Upload: | bitglass |
View: | 135 times |
Download: | 1 times |
webinarsept 21
2016
CASB cases: how your peers are
securing the cloud
STORYBOARDS
enterprise(CASB)
end-user devicesvisibility & analytics
data protectionidentity & access control
applicationstorageserversnetwork
enterprise vs app vendor security responsibilitiesthe data blind spot
app vendor
STORYBOARDS
security must evolve to
protect data outside the
firewall
ungoverned access to
corporate data in the cloud
hidden Shadow IT threats
sensitive cloud data on
unmanaged devices
STORYBOARDS
CASB: a better approach to cloud security
identity
discovery
data-centric security
mobile
STORYBOARDS
casb securitya data-centric approach
the new data reality requires a new security architecture
■ cross-device, cross-platform agentless data protection
■ granular DLP for data at rest and in motion
■ contextual access control
■ detailed logging for compliance and audit
STORYBOARDS
managed devices
application access access control data protection
unmanaged devices /
byod
in the cloud
Forward ProxyActiveSync Proxy
Device Profile: Pass● Email● Browser● OneDrive Sync
● Full Access
Reverse Proxy + AJAX VMActiveSync Proxy
● DLP/DRM/encryption ● Device controls
API Control External Sharing Blocked
● Block external shares● Alert on DLP events
Device Profile: Fail● Mobile Email● Browser● Contextual multi-factor auth
typical use casereal-time data protection on any device
STORYBOARDS
use case 1: real-time saas data protection
■ real-time inline data protection
■ leverage proxies to control access to any app on unmanaged devices
■ external sharing control via API
■ integrated data leakage prevention
STORYBOARDS
client:■ 15,000 employees in 190+
locations globallychallenge:
■ Mitigate risks of Google Apps adoption
■ Prevent sensitive data from being stored in the cloud
■ Limit data access based on device risk level
■ Govern external sharingsolution:
■ Inline data protection for unmanaged devices/BYOD
■ Bidirectional DLP■ Real-time sharing control
secure google apps +
byod
business data
giant
STORYBOARDS
use case 2: achieve regulatory compliance
■ upload + download dlp and encryption
■ protect regulated cloud data on byod
■ control over external share & sync
■ leverage integrated identity management to ensure secure auth
STORYBOARDS
secure office 365 + byod
client:
■ 35,000 employees globally
challenge: ■ Inadequate native O365 security■ Controlled access from any device■ Limit external sharing■ Interoperable with existing
infrastructure, e.g. Bluecoat, ADFS
solution: ■ Real-time data visibility and control ■ DLP policy enforcement at upload
or download■ Quarantine externally-shared
sensitive files in cloud ■ Controlled unmanaged device
access
fortune 50 healthcar
efirm
STORYBOARDS
client:
■ 180,000 employeeschallenge:
■ HIPAA Compliant cloud and mobile■ Control access to Office 365 from managed
& unmanaged devices■ Control external sharing■ No agents on devices
solution:
■ Real-time inline protection on any device■ Contextual access control on managed &
unmanaged devices (Omni)■ API control in the cloud■ Agentless BYOD with selective wipe■ Enterprise-wide for all SaaS apps
HIPAA compliant
o365 + byod
majorhospital
system
STORYBOARDS
use case 3: agentless byod security
■ secure devices without invasive profiles or certificates
■ protect “unwrappable” cloud and native apps
■ selectively wipe corporate data■ enforce device security policies■ full data control and visibility for IT
STORYBOARDS
client:
■ 8000 employees
■ s&p 500
challenge: ■ Lack of adherence to BYOD security
measures■ Failed MobileIron and SAP Afaria
deploymentssolution:
■ Bitglass Agentless – device / OS independent
■ Fast deployment■ Logging for compliance with
internal data security policies■ Seamless integration with
ActiveDirectory
fortune 500
beverage co.
byod security
STORYBOARDS
use case 4: cloud encryption
■ Key for financial services organizations migrating to the cloud
■ Separation of systems provides an additional layer of security
■ Control your own encryption keys■ Full-strength, 256-bit AES
STORYBOARDS
secure salesforce
+ office 365
15
challenge■ Needed complete CASB for enterprise-wide
migration to SaaS■ Encryption of data-at-rest in Salesforce ■ Office 365 security
solution■ Searchable encryption of data in
Salesforce■ Preserve existing API integrations■ Full control of encryption keys■ Real-time inline DLP on any device
(Citadel)■ Contextual access control on managed &
unmanaged devices (Omni)■ API control in the cloud■ Discover breach & Shadow IT
financial services
giant
STORYBOARDS
our mission
total data
protection est. jan
2013
100+ custome
rs
tier 1 VCs
STORYBOARDS
our solutions
cloud mobile breach
17
resources:more info about cloud security
■ bitglass report: cloud adoption by industry
■ case study: financial services firm encrypts SFDC
■ case study: fortune 100 healthcare firm secure O365
STORYBOARDS
bitglass.com@bitglass