A Secure Future In The Cloud
Cloud App Discovery & Analysis
Eric Andrews, Blue Coat Systems, Inc.
Cost effective
Remote access
Agility and speed
Better collaboration
Improved productivity
Cloud apps are becoming an essential part of business
The Cloud Office — Coming Your Way
Email, Chat, File Share, Conferencing, Social, Office Apps
(Archive, Device Management, Loss Prevention, Discovery)
Source: Gartner 2014
The Cloud Services Market will reach $278 Billion by 2018 – Gartner 1Q2016
Forecast Analysis: Public Cloud Services, Worldwide, 1Q16 Update
Who is Responsible for Security in the Cloud?
Cloud app providers' mission and your mission are not always aligned
. . . That result from your unauthorized action or lack of action when
required, or from your employees, agents, contractors, or vendors, or
anyone gaining access to our network by means of your passwords or
equipment, or otherwise resulting from your failure to follow appropriate
security practices. . .
Microsoft’s Policy (the fine print)
“95% of cloud security failures will be
the customer’s fault”
- Gartner Predictions for 2016
. . . While AWS manages security of the cloud, security in the cloud is the
responsibility of the customer. Customers retain control of what security they
choose to implement to protect their own content, platform, applications,
systems and networks, no differently than they would for applications in an
on-site datacenter . . .
Amazon’s Policy (the fine print)
. . . Box will not be liable for any loss or damage arising from any unauthorized use of your accounts . . . Box will have no liability of any kind as a result of the deletion of, correction of, destruction of, damage to, loss or failure to store or encrypt any Content . . .
Box’s Policy (the fine print)
. . . Customer will use its reasonable endeavors to prevent unauthorized use of the Services, and to terminate any unauthorized use. Customer will promptly notify Google of any unauthorized use of, or access to, the Services of which it becomes aware. . .
Google’s Policy (the fine print)
. . . you are responsible for all use of DocuSign Signature associated with your Account; . . . you are solely responsible for maintaining the confidentiality of your Account names and password(s) . . . Subscriber will indemnify us from claims related to the nature and content of all materials, data, . . . of any nature submitted by subscriber or its authorized users . . .
DocuSign’s Policy (the fine print)
A Secure Future in the Cloud
Cloud App Visibility
Identify Shadow IT & Monitor cloud app usage in real time
Data Governance & Controls
Govern sensitive data with granular controls, encryption and tokenization
Threat Protection
Combat evolving threats leveraging user behavior analytics
What is Shadow IT? All the IT assets and cloud apps used in an organization without the knowledge of IT (unsanctioned apps)
[percentage shown only in the slide graphic] of workforce admits to using unsanctioned cloud apps
Source: CIO Insight
This is a big problem. With zero visibility the IT dept
Can’t identify risky or non-compliant apps &
Can’t set informed app controls to mitigate risk
How many apps do you think your employees are using?
IT DEPT. PERCEPTION: 40-50 apps
REALITY
Source: Elastica Q4 2015 Shadow Data Report
Shadow IT: Top 10 Apps
[Chart: top 10 apps ranked 1 to 10, from more users to fewer users, comparing 1H 2015 and 2H 2015]
Source: Elastica 2H 2015 Shadow Data Report
Top 5 Collaboration & File Sharing Apps
[Chart: top 5 apps ranked 1 to 5, 2H 2015]
Step 1: Discovery
What cloud apps are being used? Who’s using them?
SWGs or firewalls send logs to CASBs
CASB solutions identify cloud app usage from logs
Business Readiness Rating™
38
Risk Attributes
Multi-factor Authentication X
Admin Audit Trail
SOC2 Compliant
HIPAA Compliant X
REST API Support X
Federated Identity Management
Data at Rest Encryption X
. . .
Step 2: Analysis
How risky are these apps?
Who is using these risky apps?
Do these apps meet compliance requirements?
Where in the world is my data going?
How exposed are we?
Step 3: Decision Making
Tailor risk analysis to your organization
Perform side-by-side comparative analysis of alternative apps
Are there apps we need to monitor or stop using entirely?
Can we switch users of risky apps to better alternatives?
Can we reduce costs by consolidating multiple accounts?
What is my cloud adoption policy?
Step 4: Enforce Control
Define and enforce policies through security proxies or firewalls
Cloud app analysis can be used to define and enforce policies based on app names, app groups, app “Business Readiness Rating”, app risk attributes
Which applications should be blocked altogether?
Which applications should be monitored?
What is an appropriate Business Readiness Rating, below which I should block?
What other risk attributes should be used to enforce policy? Compliance? SOC-2? MFA?
How to configure and enforce policies?
Cloud App Analysis
Manual or Automated Management
SWG or FW
Step 5: Continuous Monitoring
Stay up-to-date and compliant with comprehensive dashboards & reports
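The discovery-to-enforcement flow of Steps 1 to 4, as an added example (not Blue Coat or Elastica code): proxy log lines are mapped to cloud apps, then each app gets a block, monitor or allow decision from a rating threshold and required risk attributes. The log format, app catalog, ratings, attribute names and thresholds are all constructed assumptions.

```python
from collections import defaultdict

# Constructed SWG/firewall log lines: "timestamp user destination-host bytes-out"
SAMPLE_LOGS = """\
2016-05-02T09:14:07Z alice files.example-share.test 1048576
2016-05-02T09:15:41Z bob files.example-share.test 2048
2016-05-02T09:17:02Z alice notes.example-notes.test 512
2016-05-02T09:20:15Z carol crm.example-crm.test 4096
2016-05-02T09:21:33Z bob intranet.corp.test 128
malformed line
"""

# Constructed app catalog: domain suffix -> (app, rating 0-100, risk attributes present)
CATALOG = {
    "example-share.test": ("ExampleShare", 38, {"admin_audit_trail", "soc2"}),
    "example-notes.test": ("ExampleNotes", 62, {"soc2"}),
    "example-crm.test": ("ExampleCRM", 85, {"mfa", "soc2", "admin_audit_trail"}),
}

def discover(log_text):
    """Step 1: which apps are in use, by whom, and how much data leaves."""
    usage = defaultdict(lambda: {"users": set(), "bytes_out": 0})
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or not parts[3].isdigit():
            continue  # skip malformed records instead of failing the whole run
        _, user, host, sent = parts
        for suffix, (app, _, _) in CATALOG.items():
            if host == suffix or host.endswith("." + suffix):
                usage[app]["users"].add(user)
                usage[app]["bytes_out"] += int(sent)
    return dict(usage)

def decide(rating, attrs, block_below=50, required=frozenset({"mfa", "soc2"})):
    """Steps 2-3: block under the rating threshold, monitor if an attribute is missing."""
    if rating < block_below:
        return "block"
    return "allow" if required <= attrs else "monitor"

def build_policy(log_text, **thresholds):
    """Step 4: one rule per discovered app, ready to hand to an SWG or firewall."""
    by_app = {app: (rating, attrs) for app, rating, attrs in CATALOG.values()}
    return {app: {"action": decide(*by_app[app], **thresholds),
                  "users": sorted(seen["users"]), "bytes_out": seen["bytes_out"]}
            for app, seen in discover(log_text).items()}

if __name__ == "__main__":
    for app, rule in build_policy(SAMPLE_LOGS).items():
        print(app, rule)
```

Hosts that match no catalog entry (here `intranet.corp.test`) are dropped silently; a real discovery pass would report them as unclassified so that new apps are not missed.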
Cloud App Visibility & Analysis
Discover cloud apps and users
Analyze apps for business readiness & compliance
Make informed decisions to improve security & save money
Control ongoing cloud app use with policy enforcement
Continuously Monitor for compliance & risk management
Free Shadow IT Risk Assessment
Analytics on your cloud app risks and compliance issues
App usage anomalies across your organization
What apps you should sanction and what apps you should block
Sanctioned Apps
Unsanctioned Apps
Securing The Cloud App Landscape
Shadow IT Risk Assessment