cloud services risk assessment report - veracomp adria · 2018-02-07 · 101 customer success...
Post on 25-May-2020
Cloud Services Risk Assessment Report
Shadow IT Analytics & Business Readiness Ratings
January 1, 2015
Based on all data sources from December 1, 2014 to December 31, 2014
Legend & Terminology
Shadow IT: Cloud or SaaS services already adopted by users in your enterprise without prior approval from IT. These services may pose risk exposure or compliance issues.
Business Readiness Rating (BRR): BRR (on a scale from 1-100) is assigned to cloud services based on a comprehensive set of attributes, such as whether a cloud service meets certain compliance certifications, has multi-factor authentication and requires strong password rules.
Attributes are categorized into seven dimensions and each dimension is graded on a star chart.
Audit Score: User-weighted average BRR of all services discovered. Simply put, the more users use services with low BRR, the lower the average BRR or Audit Score.
High Risk Services: Services with BRR less than 50
Med Risk Services: Services with BRR between 50 and 79 inclusive
New Services: Services discovered for the first time in the user-defined time range
Users: Represented by username, user ID, IP address or random number (in case of anonymization)
Sessions: HTTP sessions represent how “chatty” the service is.
Destinations: Geographic location(s) where the service is hosted
BRR dimensions (star chart): Access, Data, Compliance, Business, Informational, Service, Administrative
More Users & Low BRR Services = Low Audit Score
High risk: BRR ≤ 49. Medium risk: BRR 50 ~ 79
Learn more about Audit
Elastica CloudSOC™: The Security Operations Center for Your Cloud Apps
Data Sources
from Dec 1, 2014 to Dec 31, 2014
0.13.0-15: Palo-Alto
0.13.0-16: Palo-Alto
192.168.25-all: Cisco
Bern: Cisco
BlueCoatFirewall: Bluecoat ProxySG
Checkpoint July 17: Checkpoint
Checkpoint New Delimiter: Checkpoint
Cisco 2ndOct1: Cisco
Cisco ASA: Cisco
Cisco-Appz: Cisco
Cisco-BSD: Cisco
cisco-lmdb: Cisco
cisco-new: Cisco
CiscoASA-Oct1: Cisco
CiscoFW: Cisco
CiscoLargeOct8: Cisco
Cp-Hadoop: Checkpoint
CUSyslogs: Cisco
DS: Juniper SRX
GP-Custom: McAfee Web Gateway
GP-New: McAfee Web Gateway
JP-SRX: Juniper SRX
JP-SRX-2: Juniper SRX
JP-SRX-Google: Juniper SRX
Juniper-0.16.0-7: Juniper SRX
JUNIPEROCT1_2nd: Juniper ScreenOS
KU-Cisco_BSD: Cisco
McAfee_Normal_Filter: McAfee
McAfee_Normal_Output: McAfee
MZ - PAN IETF DEFAULT: Palo-Alto
MZ - Barracuda: Barracuda
MZ - Cisco BSD Default: Cisco
PA-200-ALL.tar.gz: Palo-Alto
PA-ALL: Palo-Alto
PAN 0.15.2: Palo-Alto
PAN BSD DEFAULT: Palo-Alto
PAN BSD ISO: Palo-Alto
PAN IETF CUSTOM: Palo-Alto
PAN IETF DEFAULT: Palo-Alto
ScanSafe: ScanSafe
SonicFW: Sonicwall
Squid-IPDetect: Squid
Squid-IPS-1: Squid
TZ-0804: Cisco
Table of Contents
EXECUTIVE SUMMARY
Risky Services
Most Used Services
New Services
Most Active Users
Service Categories
Service Hosting Locations & Data Centers
LIST OF DISCOVERED SERVICES
LIST OF USERS
RECOMMENDATIONS
Risky Services
Based on all data sources from Dec 1, 2014 to Dec 31, 2014
421 services were discovered in your environment.
The Audit Score of all discovered services is 56.
189 out of 421 services (45%) are at medium or higher risk.
NEW SERVICES
18 of these services (10%) are new services
USERS
1,189 of 2,230 users (53%) use these services
CATEGORIES
7 of 14 categories (50%) belong to these services
DATA UPLOAD
45GB of 241GB uploads (19%) to these services
DATA DOWNLOAD
128GB of 609GB downloads (21%) from these services
SESSIONS
138,000 of 431,250 sessions (32%) are by these services
DESTINATIONS
3 of 30 destinations (10%) host these services
MOST USED SERVICES
54 of these services (29%) are used by at least 20% of users
Most Used Services
Based on all data sources from Dec 1, 2014 to Dec 31, 2014
421 services were discovered in your environment.
135 out of 421 services (32%) are used by at least 20% of users.
NEW SERVICES
10 of these services (16%) are new services
USERS
1,784 of 2,230 users (80%) use these services
CATEGORIES
8 of 14 categories (57%) belong to these services
DATA UPLOAD
56GB of 241GB uploads (23%) to these services
DATA DOWNLOAD
491GB of 609GB downloads (81%) from these services
SESSIONS
305,761 of 431,250 sessions (71%) are by these services
DESTINATIONS
12 of 30 destinations (40%) host these services
RISKY SERVICES
31 of these services (23%) are at medium or higher risk
New Services
Based on all data sources from Dec 1, 2014 to Dec 31, 2014
421 services were discovered in your environment.
16 out of 421 services (4%) are newly discovered during this period.
USERS
63 of 2,230 users (3%) use these services
MOST USED SERVICES
None of these services is used by at least 20% of users
CATEGORIES
2 of 14 categories (14%) belong to these services
DATA UPLOAD
931MB of 241GB uploads (<1%) to these services
DATA DOWNLOAD
2GB of 609GB downloads (<1%) from these services
SESSIONS
4,947 of 431,250 sessions (1%) are by these services
DESTINATIONS
2 of 30 destinations (7%) host these services
RISKY SERVICES
12 of these services (75%) are at medium or higher risk
Most Active Users
Based on all data sources from Dec 1, 2014 to Dec 31, 2014
887 users in the company access 421 SaaS services.
20% of active users (177 users) use:
RISKY SERVICES
42 of 189 risky services (22%)
NEW SERVICES
8 of 16 new services (50%)
DATA UPLOAD
56GB of 241GB data upload (23%)
DATA DOWNLOAD
491GB of 609GB data download (81%)
SESSIONS
305,761 of 431,250 sessions (71%)
ALL SERVICES
50 of 421 services (12%)
Service Categories
Based on all data sources from Dec 1, 2014 to Dec 31, 2014
14 categories belong to the 489 services discovered in your environment.
7 of these categories (50%) belong to the risky services.
TOP RISKY CATEGORIES BASED ON USERS
Online Surveys (48%)
Inbound Marketing (43%)
Survey Data Analysis (31%)
Customer Experience Management (28%)
E-commerce (27%)
TOP RISKY CATEGORIES BASED ON DATA USAGE
Video Platform (48%)
IT Training (43%)
Employee Career management (31%)
Software Development (28%)
Supply Chain Management (27%)
TOP RISKY CATEGORIES BASED ON SESSIONS
Social Networking (48%)
Video Platform (43%)
IT Training (31%)
Media (28%)
Supply Chain Management (27%)
Service Hosting Locations & Data Centers
Based on all data sources from Dec 1, 2014 to Dec 31, 2014
[Maps: locations of the top 5 data centers; locations of the risky and most used services]
DESTINATIONS THAT HOST RISKY SERVICES
35 of 145 destinations (24%) host the 189 risky services
Ashburn, United States (49%)
Cambridge, United States (38%)
Unknown, United States (35%)
San Antonio, United States (30%)
Seattle, United States (21%)
DESTINATIONS THAT HOST MOST USED SERVICES
63 of 145 destinations (43%) host the 135 most used services
Mountain View, United States (42%)
Seattle, United States (28%)
Santa Monica, United States (9%)
San Jose, United States (5%)
San Francisco, United States (4%)
DATA CENTERS THAT ARE MOST USED
Top 5 of 12 data centers account for 59% of 32GB total traffic
Amazon Web Services (31%): 13 locations, private
Windows Azure (12%): 5 locations, private
CloudScaling (8%): 1 location, hosted on Rackspace
Rackspace Cloud (5%): 1 location, private
Softlayer (3%): 3 locations, private
List of Discovered Services
Based on all data sources from Dec 1, 2014 to Dec 31, 2014
Legend: used by at least 20% of all users; newly discovered service
[Chart columns: Users, Traffic, Sessions, Destinations]
1. Feedbackify! (feedbackify.com); Feedback Management; 23
2. Pusher (pusher.com); Realtime Messaging; 25
3. Pluralsight (pluralsight.com); IT Training, Developer Training; 25
4. Bitcasa (bitcasa.com); File Sharing; 38
5. Security Metrics (securitymetrics.com); Hosted Vulnerability Scanners; 23
6. AdvertServe (advertserve.com); Inventory Management; 30
7. Compete (compete.com); Business Intelligence, Digital Marketing; 30
8. Insightera (insightera.com); Predictive Analytics; 23
9. goroost (goroost.com); Desktop Alerts; 25
10. Comscore (comscore.com); Marketing Analytics, Brand Management; 23
11. ChannelAdvisor (channeladvisor.com); E-Commerce; 33
12. Janrain (janrain.com); Social Media Management; 33
13. Polldaddy (polldaddy.com); Online Surveys; 40
14. Sina (sina.com); Media; 28
15. Kampyle (kampyle.com); CRM, Customer Experience Management; 28
16. Websnapr (websnapr.com); Stock Photos; 15
17. CrunchBase (crunchbase.com); Database; 18
18. QuestBack (questback.com); Customer Experience Management; 35
19. 1&1 Control Panel (1x1controlpanel.com); Website Creation Tools; 30
20. UserZoom (userzoom.com); Market Research, Online Usability Testing; 28
101. Gainsight; Customer Success Management
102. XYDO; Social Networking
103. Landmark Farm Software; Farm Management
104. Glispa Affiliate Interface; Online Marketing
105. Walker Information; Customer Research
106. QlikView; Business Intelligence, Big Data
107. OB10; Supply Chain Management
108. Human Information Project Data; Reporting, Analytics
109. Tiscali Email Services; Email
110. YapStone; Online Payments, Payments Platform
111. Needle; E-Commerce
112. Appcelerator; Mobile Developer Tools
113. Cint; Panel Management
114. Moz; Search Engine Optimization & Marketing
115. CarFax; Vehicle Tracking
116. Republic Project; Marketing Campaign Management
117. CardMeeting; Collaboration, Messaging
118. Pythonanywhere; Collaboration, Hosting
119. Satmetrix; Customer Experience Management
120. Security Metrics; Hosted Vulnerability Scanners
121. Carlson Wagonlit; Travel
122. Diagramly; Online Diagramming
123. AgilOne; Business Intelligence, Predictive Analysis
124. ReferralCandy; Referral
125. Webnode; CMS
126. WalkMe; Telecommunications, Telephony
127. Forte; E-Commerce, Payment Systems
128. IPVanish VPN; Security, VPN
129. Placed; Location-Aware Mobile Advertising
130. DIYSEO; Online Marketing, Search Engine Optimization
131. Yola; Website Creation Tools
132. Email Checker; Email Validation
133. Pusher; Realtime Messaging
134. Nutanix; Cloud Management
135. Critsend; Email Delivery
136. PhishTank; Security
137. SyncForce; Portfolio Management
138. MyCigna; Health Insurance, Health Care
139. PRWeb; Public Relations
140. Bshare; File Sharing
141. ActiveConversion; Marketing Automation
142. Eventsforce; Event Management
143. Mailgun; Email, Email Delivery
144. Informatica Communities; Big Data, Warehouse Management
145. Appsflyer; Tracking
146. Fusebill; Billing Management
147. Infor Xtreme; ERP, CRM, Supply Chain Management
148. Equinix Cloud Services; Data Centers, Cloud Services
149. Newton Software; Social Media Recruiting
150. UserZoom; Market Research
List of Users
Based on all data sources from Dec 1, 2014 to Dec 31, 2014
Legend: top 20% user by sessions; top 20% user by traffic
[Chart columns: Traffic, Sessions, Destinations]
Most used services by traffic
Rank; User; Risky / all services; Most used service; Most used risky service
1; 413558; 15/175; Bitcasa; Gainsight
2; 413457; 14/168; Office 365; Bitcasa
3; 413451; 14/164; Bitcasa; Websnapr
4; 413566; 15/159; Cisco WebEx; CrunchBase
5; 413976; 9/155; Google Mail; Tiscali Email Services
6; 413479; 11/148; Skype; OB10
7; 413469; 10/139; Paypal; Walker Information
8; 413556; 10/133; Bitcasa; YapStone
9; 413552; 4/125; Experian; QlikView
10; 413540; 8/121; Salesforce Force.com; Satmetrix
11; 413562; 12/116; Google Mail; CarFax
12; 413682; 8/115; Bitcasa; Appcelerator
13; 413689; 11/113; Polldaddy; Polldaddy
14; 413544; 3/109; Salesforce; Cint
15; 413516; 0/102; Yahoo Mail; Moz
16; 413430; 5/98; UserVoice; Pythonanywhere
17; 413772; 9/98; Google Developers; Republic Project
18; 413494; 10/91; Pardot; Needle
19; 413023; 8/86; Bamboo-Atlassian; Cint
20; 413569; 7/84; Yahoo Mail; Yola
Rows 101 to 150 (user; most used service):
413558; Bitcasa
413457; Office 365
413451; Cisco WebEx
413566; Bitcasa
413976; Google Mail
413479; Skype
413469; Paypal
413556; Experian
413552; Office 365
413540; Bitcasa
413562; Salesforce Force.com
413682; Salesforce
413689; GitHub
413544; Bitcasa
413516; Skype
413430; Polldaddy
413772; Yahoo Mail
413494; UserVoice
413023; Google Developers
413569; Office 365
413430; Google Mail
413772; Peopleclick Authoria
413494; Pardot
413023; Bamboo-Atlassian
413569; Zendesk
413558; Gandi
413457; HubSpot
413451; QuestBack
413566; SurveyMonkey
413976; Yahoo Mail
413479; SurveyMonkey
413469; Concur
413556; Wistia
413552; JIRA
413540; Janrain
413562; Google Mail
413682; ChannelAdvisor
413689; Feefo
413544; Keen IO
413516; Office 365
413430; Marketo
413772; Pusher
413494; Skype
413023; Feedbackify!
413569; Feedbackify!
413430; Bitcasa
413772; AdvertServe
413494; SlideShare
413023; Google Support
413569; Lithium
Recommendations
Here are some insights and actions you can take based on Shadow IT discovery and analytics:
1. Understand usage details for services in your organization with high risk and high usage: Feedbackify!, Pusher, Pluralsight, Bitcasa, Security Metrics, etc.
2. Consider adopting popular SaaS services that are more business ready. Find and compare equivalent services in the Audit App to research and evaluate.
3. Identify and streamline services belonging to the same categories. Choosing the one with lower risk can help you better manage and secure information assets that belong to the company and save your business $$, while staying flexible to business needs. For instance, there were 15 file sharing services discovered: Google Drive, Bitcasa, Box, Dropbox, OneDrive, etc.
4. Protect your company’s data using Elastica’s Securlets, which provide you with advanced security controls even for cloud services that are business ready, such as Box or Google Drive. Users can still perform actions, with or without malicious intent, that can harm your enterprise, such as sharing sensitive content with the outside world or stealing IP upon leaving the company.
Audit shadow IT
Detect threats
Protect data
Investigate transactions
Data Science Powered™ Cloud App Security
Elastica is the leader in Data Science Powered™ Cloud Application Security. Its CloudSOC™ platform empowers companies to confidently leverage cloud applications and services while staying safe, secure and compliant. A range of Elastica Security Apps deployed on the extensible CloudSOC™ platform deliver the full life cycle of cloud application security, including auditing of shadow IT, real-time detection of intrusions and threats, protection against intrusions and compliance violations, and investigation of historical account activity for post-incident analysis.
3055 Olin Avenue, Suite 2000, San Jose, CA 95128
sales@elastica.net • elastica.net