beyond the firewall: securing the cloud with a casb (in partnership with csa)
TRANSCRIPT
webinarapr 26
2016
beyond the firewall:
securing the cloud with a
CASB
cloud and mobile are inseparable...
saas
driving corporate data outside the firewall.
security must evolve to
protect data outside the
firewall
ungoverned access to
corporate data in the cloud
hidden Shadow IT threats
sensitive data on
unmanaged devices
the traditional approach to
security is inadequate
native security features can’t be relied uponthe data blind spot
componentsusage/consumption
dataapplication
servicesservers & storage
network
layer
data
application
infrastructure
owner
enterprise
CASB: a better approach to cloud security
identity
discovery
data-centric security
mobile
pollwhat are your
casb deployment
plans?
casb discoverygain visibility into your org’s cloud usage
■ analyze outbound data flows to learn what SaaS apps your organization is using
■ understand risk profiles of different apps
■ essential in process of enabling secure cloud app usage
casb securitya data-centric approach
the new data reality requires a new security architecture
■ cross-device, cross-platform agentless data protection
■ granular DLP for data at rest and in motion
■ contextual access control
■ detailed logging for compliance and audit
mobile security cannot be overlookedprotect data across all devices, managed and unmanaged
■ demand for byod continues to rise
■ employees have rejected mdm and mam
■ IT must securely enable access to frequently used apps
casb identitycentralized identity management is key in securing data
■ cloud app identity management should maintain the best practices of on-prem identity
■ limit potential breaches with contextual multi-factor auth for high risk logins
managed devices
application access access control data protection
unmanaged devices /
byod
in the cloud
Forward ProxyActiveSync Proxy
Device Profile: Pass● Email● Browser● OneDrive Sync
● Full Access
Reverse Proxy + AJAX VMActiveSync Proxy
● DLP/DRM/encryption ● Device controls
API Control External Sharing Blocked
● Block external shares● Alert on DLP events
Device Profile: Fail● Mobile Email● Browser● Contextual multi-factor auth
typical use caseonly CASB with real-time data protection on any device
pollwhat are your
top cloud security needs?
our solutions
cloud mobile discovery
secure office 365 + byod
client■ 35,000 employees globally
challenge ■ Inadequate native O365 security■ Controlled access from any device■ Limit external sharing■ Interoperable with existing
infrastructure, e.g. Bluecoat, ADFSsolution
■ Real-time data visibility and control ■ DLP policy enforcement at upload
or download■ Quarantine externally-shared
sensitive files in cloud ■ Controlled unmanaged device
access
fortune 50 healthcar
efirm
client■ 15,000 employees in 190+
locations globallychallenge
■ Mitigate risks of Google Apps adoption
■ Prevent sensitive data from being stored in the cloud
■ Limit data access based on device risk level
■ Govern external sharingsolution
■ Inline data protection for unmanaged devices/BYOD
■ Bidirectional DLP■ Real-time sharing control
secure google apps +
byod
business data
giant
client■ 8000 employees ■ s&p 500
challenge ■ Lack of adherence to BYOD security
measures■ Failed MobileIron and SAP Afaria
deploymentssolution
■ Bitglass Agentless – device / OS independent
■ Fast deployment■ Logging for compliance with
internal data security policies■ Seamless integration with
ActiveDirectory
fortune 500
beverage co.
byod security
our mission
total data
protection est. jan
2013
100+ custome
rs
tier 1 VCs
resourcesmore info about cloud security
■ definitive guide to casbs
■ case study: fortune 100 healthcare firm secures o365
■ glass class: cloud security priorities for 2016
download the gartner market guide to casbs
with predictions and recommendations, the market guide is an essential resource for formulating your CASB strategy
download the report
bitglass.com@bitglass