No TradeoffsCloud Security and Privacy

Don’t Need

To Be at Odds

Jervis Hui, Product Marketing Manager

There are 10,000 enterprise

apps today (and growing).

© 2015 Netskope. All Rights Reserved. 3

Actual:

917

IT estimate:

40-50

IT is blind to 90%

of cloud apps

>90% of apps are not

enterprise-ready

App Redundancy:

• 62 Marketing

• 37 Collaboration

• 28 HR

• 34 Finance

• 27 Productivity

• 23 Cloud StorageImpacts

CISO, CIO, and CFO

© 2015 Netskope. All Rights Reserved.

How Do Cloud Apps Get In?

4

IT-led

Business-led

User-led

10%

70%

20%

Mostly

Unsanctioned

Sanctioned

5

apps

• 917+ cloud apps

per enterprise

• 94% are not

enterprise-readyusers

• Malicious or

non- intentional

• 15% of corporate

users have had their

account credentials

compromised

data

• 18% of files in cloud

apps constitute a

policy violation

• 22% of those files are

shared publiclyactivities

• Cloud makes it

easy to share

• When is an activity

an anomaly?

Catch-22

Allow is the new block (allow is new block green light slide)

7

© 2015 Netskope. All Rights Reserved.

What about

privacy?

8

© 2015 Netskope. All Rights Reserved.

Dr. Cavoukian’s Privacy by Design Framework

9

Proactive not

reactive;

preventative

not remedial

Privacy as the

default setting

Privacy

embedded into

design

Full

functionality:

positive-sum,

not zero-sum

End-to-end

security; full

lifecycle

protection

Visibility and

transparency –

keep it open

Respect for

user privacy –

keep it user-

centric

7 Requirements for Mitigating

Cloud Usage Risk(while maintaining privacy)

REQ #1Find all cloud apps

running in your

environment and

assess enterprise-

readiness

Privacy Best

Practice #1

Bypass selected

cloud apps

REQ #2Understand Cloud

Usage Details

v

v

Bob in

accounting

From his

mobile phone

vUploading

customer data

to Dropbox

v

Bob’s

credentials

have been

compromised

Privacy Best

Practice #2

Obfuscate personal

details in UI and do

it per role

v

v

Bob in

accounting

From his

mobile phone

vUploading

customer data

to Dropbox

v

Bob’s

credentials

have been

compromised

REQ #3Use surgical

precision in

your policies,

leveraging

contextual

data

Privacy

Best

Practice #3

Differentiate

between

corporate and

personal

cloud usage

REQ #4Enable right-sized

admin privileges SharePoint

Admin

User

Email

REQ #5Find sensitive

data tied to an

activity or stored

in a cloud app

REQ #6Enforce

policies by

source and

destination

country

REQ #7Don’t leave users in the dark.

Coach them on safe usage.

5:Find sensitive data tied to an

activity or stored in a cloud

app

3:Use surgical precision in your

policies and leverage context

2:Understand cloud usage

details

4:Enable right-sized admin

privileges1:Find all cloud apps and

assess enterprise-readiness

6:Enforce ppolicies by source

and destination country.

Bypass selected cloud apps

Obfuscate personal details in UI

Differentiate between personal and

corporate cloud usage 7:Don’t leave users in the dark.

Coach them on safe usage.

THANK YOU!

To learn more, visit the Netskope booth and see a live demo