what is a casb and why do you need it? · 2019-05-23 · what is a casb and why do you need it?...
TRANSCRIPT
What is a CASB and Why Do
You Need It?May 22, 2019
What is a CASB and Why Do You Need It?
Today’s web conference is generously sponsored by:
Bitglasshttps://www.bitglass.com/
What is a CASB and Why Do You Need It?
Moderator
Ken Dunham brings more than 28 years of business, technical and leadership experience incyber security, incident response and cyber threat intelligence to his position as senior directorof technical cyber threat intelligence for Optiv. In this role, he is responsible for the strategyand technical leadership to mature Optiv’s data integration and innovation of intelligence-based security solutions. He also runs his own advanced intelligence response company, 4D5ASecurity LLC, and a non-profit for incident responders around the world called RampartResearch.
Mr. Dunham has a long history of innovation for nascent technologies and solutions such ascreation of training programs for U2, Warthog, and Predator systems for the USAF,responsible disclosure (iDEFENSE), and cyber threat intelligence (iSIGHT Partners). He is awidely published author with thousands of security articles and multiple books on topicsranging from Darknet disclosures to mobile threats and mitigation of malware.
Ken Dunham, Senior Director of Technical Cyber Threat Intelligence, Optiv
What is a CASB and Why Do You Need It?
Speaker
Lee Neely is a Senior Cyber Analyst at Lawrence Livermore National Laboratory, focused on leading the Entrust PKI team, mobile device security, cloud assessment and new technology security efforts. Lee is also a SANS Analyst and Mentor and member of the SANS NewsBites editorial board. He is a co-host for Paul’s Security Weekly podcast. He has worked in computer security since 1989.
Lee Neely, Senior Cyber Analyst, Lawrence Livermore National Laboratory
What is a CASB and Why Do You Need It?
Speaker
Rich joined Bitglass as VP Products, and has served in various roles at the company, including most recently as CMO. Prior to joining Bitglass, Rich was senior director of product management at F5 Networks, responsible for access security. Rich gained valuable experience in product management and sales engineering at Juniper Networks and at Sprint before working at F5. Rich received an M.B.A. from the UCLA Anderson School of Management and a B.S. in electrical engineering from Pennsylvania State University
Rich Campagna, VP Products, Bitglass
ISSA Thought
Leadership Series:
What Is A CASB and
Why Do You Need it?
6
Supporting Services
● HR: Job Postings, Job Applicants, Talent Search
● Developers: Code Repositories, Wiki postings
Business Authorized
● G-Suite, Office 365, Salesforce, ERP, specialized reporting
● Azure, AWS, Rackspace
● Outsource to cloud conversion e.g. ADP
Collaboration
● Google, Box, Dropbox, One Drive, etc.
● WebEx, GoTo Meeting, Skype, Zoom, Hangouts, etc.
Shadow IT (Informal/Unauthorized solution)
● “free” service use
● End-Run controls
Cloud Use Explosion
Cloud and mobile are beyond the firewall...
Legacy Tech
Firewall
Web Proxy
IPS / IDS
DLP
MDM
8
Problem
...leaving legacy security technologies obsolete.
Managed appsUnmanaged apps
Managed devicesUnmanaged devices
CASB Data & Threat Protection
● Visibility
● Appropriate service use
● Data Protection - storage and exfiltration
● Collaboration when partners have different standards
● Capturing Risk Envelope
● Agility
● Mobile/External workforce
● Allow use of new services
● New Service delivery model
Problem: Cloud Complicates Things
Enterprise
End-user devices
Visibility & analytics
Data protection
Identity & access control
Application
Storage
Servers
Network
App vendor
SaaS Shared Responsibility Model
11
What is a CASB? Per Gartner:
Products and services that address security
gaps in an organization’s use of cloud
services.
● By 2022, 60% of large enterprises will use a
CASB to govern some cloud services, up
from less than 20% today.
● Through 2023, at least 99% of cloud security
failures will be the customer’s fault.
Cloud Access Security Brokers (CASBs)
Threat
Protection
Data
Protection
Identity Visibility
API Integration
● Visibility and control over data-at-rest
Forward Proxy
● Managed device controls for sanctioned/unsanctioned apps
Reverse Proxy
● Agentless managed/unmanaged device controls for sanctioned
apps
Protocol-specific proxies
● Purpose-built agentless proxies for common use cases
(ActiveSync for mobile devices)
How CASBs Work
Managed Devices
● Passive proxy only inline on-site or with VPN
Unmanaged Devices
● Must route through reverse proxy
● Accessing unsanctioned cloud service
Sanctioned Apps
● Must route through reverse proxy
Mobile Devices
● Full Device Proxy vs Application Proxy
CASB Gap
Must be in data path and able to monitor/manipulate
Monitoring
● Discover cloud use
● Develop process for authorization decision
● Determine consequences
● Assign resources
CASB Data
● Data for “all” user browsing can be sensitive
● Determine and verify implementation of data protection requirements
● On-Prem? Cloud? Encrypted?
Define success
● Discover cloud use
CASB Maturity
Don’t start by blocking, know where CASB stores data
16
100,000+ users in 200 countries
Challenges
■ Consistent security across all cloud apps, incl. long-tail
■ Secure access from any device, managed or unmanaged
■ Agentless mobile security
Solution
■ Zero-day, agentless real-time security
■ Access control on managed & unmanaged devices
■ Real-time and at-rest DLP
■ Agentless mobile security for BYOD
17
Banking Giant
Challenges
■ Encrypt sensitive data in SaaS applications
■ Preserve functionality - search, sort etc.
■ Incumbent Symantec did not perform
Solution
■ Bitglass encryption for Salesforce, Box, Marketo
■ Private cloud, on-premise or AWS deployment
■ Encrypt/decrypt PII & email addresses
■ SMTP mail relay for decryption
Agentless deployment,
any device
Real-time data & threat
protection, anywhere
Zero-day security,
any app or workload
18
Only Bitglass
Global enterprise success via
sustained innovation and scale #1