netskope cloud confessions - computer sweden, idg...cloud risk audit executive summary 3,501 28k 339...
TRANSCRIPT
2016 © Netskope. All rights reserved.
Netskope OverviewCASB 2.0
2016 © Netskope. All rights reserved. 2
Cloud Access Security Broker, CASB
2016 © Netskope. All rights reserved.
Gartner’s Market Guide for CASB
3
VISIBILITY
DATA
SECURITY
COMPLIANCE
THREAT
PROTECTION
The Four Pillars of CASB
“CASB is a required security platform for
organizations using cloud services.”
2016 © Netskope. All rights reserved.
Introductions and Agenda
• Introductions
• Your cloud adoption and policy…
• Short overview
• Product demo
• Q&A / Next steps
4
Tommie [email protected]
Thomas Hedströ[email protected]
2016 © Netskope. All rights reserved.© 2015 Netskope. All Rights Reserved. 5
2016 © Netskope. All rights reserved.
2016 © Netskope. All rights reserved. 7
Data Center
YESTERDAY TODAY
Mobile Users
Branch Office
HQ Remote Users
VPN
HQ Branch Office
Data Center
Remote Users
VPN
Netw
ork Perim
eter
2016 © Netskope. All rights reserved.
Four Ways Users Interact With Cloud AppsOffice 365 Example
8
Web Browser
Sync Client
Mobile App
App Ecosystem
2016 © Netskope. All rights reserved.© 2015 Netskope. All Rights Reserved.
Streamline Legal and Security process selecting apps**CSA average 18 days assessment
9
Auditing and Certifications
FinancialViability
Legal
SLAs
Vulnerabilities and Exploits
Product Capabilities
‣ Netskope research team measures
the enterprise-readiness of ~20000
cloud apps
‣ Make risk based decisions
‣ Vendor assurance flow
‣ Evaluate new cloud apps or assess
risk with discovered apps
Research Team
Inherent app security
Auditing and third-party certifications
Legal, ToCs
Service-level agreements
Security vulnerabilities and exploits
Financial viability, will app vendor be around
Privacy
7+
RIS
K F
AC
TOR
S
2016 © Netskope. All rights reserved. 1010
30%
95% of the apps are unknown by IT
Most apps are not enterprise-ready
End user is the new perimeter
There are 20,000+enterprise cloud apps today (and growing)
Business data moving to cloud
935 apps on average, how do they get in?
5%
75%
20%
2016 © Netskope. All rights reserved.© 2015 Netskope. All Rights Reserved.
Old method was Blocking unsanctioned apps
• If you block the “good” ones
other unsecure ones will
pop up
• Set policys based on
enterprise-readiness
• Use DLP to inspect data
and monitor activities
• Optimize spend by reducing
redundant apps or licenses
UNDERSTAND
2016 © Netskope. All rights reserved.
Gartner´s 5 steps to close the SaaS security gap
• Proactively recommend cloud services that are business-ready and appropriate for your organization’s business and technical needs, so that security standards can be addressed. Netskope Cci Index helps you take risk based decisions
• Use tools to ensure that you’re meeting your organization’s need to secure data across all sanctioned SaaS applications and cloud services. Netskope Active Platform with inline DLP assures data movement is done acc.to policys.
• Use CASBs to reveal unauthorized SaaS applications that are being used and to drive decisions about continued use versus replacement with better alternatives. Netskope Discovery detects Shadow IT SaaS apps.
• CASBs provide a single control point to set policy, monitor behavior and manage risk across the entire set of enterprise cloud services being consumed concurrently, regardless of user or devices. Netskope Ui gives overview of SaaS usage, Shadow IT and Sanctioned apps.
• Deploy threat protection features to cover cloud-based traffic that are inaccessible to your existing security technologies. Netskope Active Threat Protection detects and remediates Malware and Ransomware for all cloud app traffic.
• Support your enterprise’s agility by demonstrating IT can change as rapidly as your business.
• http://www.gartner.com/smarterwithgartner/five-steps-to-closing-saas-security-gaps-2/
12
2016 © Netskope. All rights reserved.
Netskope Uniquely Addresses Key CASB 2.0 Requirements
13
CASB 1.0
ARCHITECTURENo coverage for unsanctioned, mobile,
native apps or sync client100% coverage for all cloud traffic
CONTEXTNo activity-level visibility; forced to
block unsanctioned appsEnable apps; block risky activities
DATA SECURITYBasic DLP; simple regex; sanctioned
apps only
True enterprise-class DLP
enforced with context for all apps
THREAT PROTECTION Limited to no threat protectionAdvanced threat protection built
for the cloud
2016 © Netskope. All rights reserved.
Three Common Deployment Options
14
Discover apps and assess risk Safely enable sanctioned apps Govern all apps and data
‣ Discover cloud apps
‣ Assess risk of apps
‣ Compare apps
‣ Consolidate redundant apps
‣ Deployed via logs or inline proxy
‣ Safely enable apps like Office 365
‣ Identify and secure sensitive data
‣ Protect against malware
‣ Deployed via out-of-band API and/or
inline for real-time visibility & control
‣ Gain real-time visibility and control
‣ Protect against data loss and threats
‣ Govern access and activities
‣ Coach users
‣ Deployed via inline proxy
Netskope DiscoveryNetskope Introspection
Netskope Active Cloud DLP
Netskope Active Threat Protection
Netskope Active
Netskope Active Cloud DLP
Netskope Active Threat Protection
2016 © Netskope. All rights reserved.
Breadth and Depth of Customers
15
High Tech
Financial Healthcare/Life Sciences
Oil & Gas
Retail/Hospitality
Manufacturing
Utility OtherGovernment
2016 © Netskope. All rights reserved.
Demo
2016 © Netskope. All rights reserved.
2016 © Netskope. All rights reserved.
Netskope CRA
2016 © Netskope. All rights reserved.
Cloud Risk Audit Executive Summary
3,501 28k
339 26k
Apps Discovered Users
High Risk Apps High Risk Users
App Total Bytes Risk
OneDrive for
Business1.47 TB M
Dropbox 490 GB L
Live OneDrive 309 GB L
WeTransfer 198 GB H
Google Drive 187 GB L
Non-Enterprise-Ready Apps: 2,704
APPS BY CCL
TOP STORAGE BY TOTAL BYTES
CLOUD APP USAGE SUMMARY
TOP EXPOSURES
Usage Summary
Number of App Categories 53
Total Data Movement 13.7 TB
Data Movement in High Risk Apps 3.7 TB
Top User XX.XX.XX.XX 780 GB
Exposure or Risk Item
DLP Violations 41
Violations as % of Total Files 1
Percent Shared Externally 10
Potentially Compromised
Accts759
Date of Last Compromise 2016/09/02
CONCERNS AND RECOMMENDATIONS
Concern Recommendation
Storage Consolidate, coach, monitor
CRM Manage (SSO), DLP, monitor
Vulnerabilities Block until remediated, coach
Comp. Accts. Identify and alert, monitor
App Redund. Consolidate, coach
Exceptions Granular policy vs. block
CLOUD APP USAGE SUMMARY