Reimagine Your PROTECT DATA AND USERS EVERYWHERE … · Integrated IDaaS and Cloud Security Full control of SaaS and Web from one cloud-native platform Reduced Risk: Govern web usage

© Okta and/or its affiliates. All rights reserved. Okta Confidential

Reimagine YourPerimeter

PROTECT DATA ANDUSERS EVERYWHERE

SAFELY ENABLE THE CLOUD AND WEB

DELIVER SECURITYTHAT IS FAST ANDSCALABLE

April 2020

Full visibility

Real-time compliance

User-experience

Dave Garrison, Solutions Engineer

[email protected]

Jeremiah Kear | Solutions EngineerSouthern California

Our mission is to enable any organization to use any technology


Okta at a Glance

Founded in 2009Pioneered Identity Management in the Cloud

NASDAQ Listed April, 2017

8,000+ CustomersSMB to Fortune 500,every industry, every geography

10M+Daily UsersPeople use Okta to securely connect to the tools they need to be productive

6,600+IntegrationsIndustry’s broadest, deepest network of integrations

9X Gartner MQ LeaderOnly vendor in the industry to achieve this

© Okta and/or its affiliates. All rights reserved. Okta Confidential 4

Category Creator, Category Leader

Gartner Magic QuadrantAccess Management, August 2019

Forrester WaveIdentity-As-A-Service, June 2019

© Okta and/or its affiliates. All rights reserved.

Forrester WaveZero Trust, October 2019


Network Perimeter

TRUSTED UNTRUSTED

The Old Approach to Security Relies on the Network Perimeter


RESOURCES

Infrastructure

IaaS On Prem Servers

Applications

Cloud apps On Prem Apps

APIs

Public Private

Mobile and Cloud Have Dissolved the Traditional Perimeter

Result: We can no longer assume trust

PEOPLE

Employees Privileged Users Contractors Partners Customers


RESOURCES

Infrastructure

IaaS On Prem Servers

Applications

Cloud apps On Prem Apps

APIs

Public Private

PEOPLE

Employees Privileged Users Contractors Partners Customers

People Are the New Perimeter

Contextual Access

The

rightpeople

that is

assessed continuously

have the

right level of access

to the

right resources

in the

rightcontext

Modern Access Management

Least Friction Possible

Why do millions of people use Okta every day?


Because the cloud has changed everything.


Workforce

Workforce



Customers

Customers



UniversalDirectory

SingleSign-On

Adaptive MFA

LifecycleManagement

API AccessManagement

Advanced Server Access

Access Gateway

Developer SDKs

Increase M&A Agility

Modernize Enterprise IT

Reduce IT Friction

Build 100% Cloud/Mobile IT

Decrease costs while increasing efficiency

Protect AgainstData Breaches

Enable Mobile Workforce

Secure the business

Secure, Seamless Customer Experience

Collaboratewith Partners

Accelerate business growth


• Lack of corporate devices to take home then vendors were sold out• Everyone needs VPN to access resources that are hosted on-prem• Immediate need for new collaboration apps

What companies did?• Enabled VPN and sent users home with their work computers• Went to a ”Bring Your Own Device” model and allowed personal computer access

Challenge: Enabling All Users To Work From Home

15


• Users are now connecting from their untrusted home networks and or device• VPN will give users blanket access across multiple corporate resources• Users are more relaxed as far as what they’re accessing and opening• Pandemic Phishing campaigns have exploded

Challenge: Securing employees that are now WFH

16


• Users are not inside the office• Very manual lifecycle process in many systems, done by many people.• Access is left open to terminated users

Challenge: Rapid User Onboarding/Offboarding

17


• Adoption of more best-of-breed collaboration apps (Zoom, Slack, Box, etc.) – SSO• Secure the identity from untrusted locations and or untrusted devices – AMFA• Secure VPN Access – MFA• Mitigate Phishing related risk - SSO/AMFA• Rapid user onboarding/offboarding - LCM• HR driven lifecycle(From IT to HR) – LCM• Self-Service Forgot Password/Unlock Account - UD• Lower VPN overutilization – OAG• Simple, secure, and quick time-to-value with best-of-breed apps –

SSO/LCM/AMFA

Use Cases – How Okta Can Help

18

Thank You


Okta for Emergency Remote Work

What?

Offering:• SSO to 5 Apps (Includes basic MFA - Okta Verify OTP)• 6600+ out of the box applications on the OIN• MFA for VPN• Sign up by April 30, 2020

Why?• Help companies quickly adopt, secure, and rollout new cloud apps• Do what we can to help companies during these challenging times• Okta is measuring success as number of orgs that sign up

Cost?• Free for six months (Okta may extend pending status of crisis)• Must be new Okta customers• Partners can bundle with other complimentary partner offerings

How to sign up? • Contact your Okta Account Executive or• Okta Emergency Remote Work - https://www.okta.com/okta-for-emergency-remote-work

https://www.okta.com/okta-for-emergency-remote-work


What challenges are you facing today?

Please use chat to share your company’s challenges



• Example: Enabling all users to work from home

Challenges

22

2020 © Netskope. All rights reserved.

Netskope at a Glance

Founded in 2012

25% of Fortune 100

50 Billion transactions per day

1000’s of apps safely enabled

3X Gartner MQ Leader

Launched first CASB in 2012 and expanded platform from 2015 to present with Public Cloud Security, Next Gen SWG, and Private Access

The largest organizations in the world trust Netskope to secure their journey to the cloud

The Netskopesecurity cloud is accessible within 20ms of most of the world’s population

Netskope enables organizations to move from traditional blocking to safely enabling the cloud

Recognized for vision and ability to execute


Remote Work Increasing Exponentially Due to COVID-19

https://www.netskope.com/blog/category/netskope-threat-research-labs


Public Clouds Data Centres

PRIVATE APPS

Remote and On-premises

workers Netskope

Netskope

CLOUD APPS

Security Cloud &Private Edge network

Next GenerationSecure Web Gateway (NG SWG)

Zero Trust Network Access(ZTNA)

-Data & Threat Protection

-Compliance-Visibility

Secure, Fast & Scalable Access

WEBSITES

VPN

ü Single Client (optional)

ü Single Consoleü Global Infrastructure

Web Private Apps Cloud

CASB Web Security Zero TrustDatacenter

Netskope Security Cloud Platform

OUTCOMESGOALS

Enhance patient care and improve competitiveness

STRATEGY

Implement a cloud/mobile first approach to support their remote workforce and enhance patients’ ability to safely interact online

REQUIREMENTS

• Maintaining HIPAA compliance in the cloud

• Full visibility of data content & movement and user activities across Cloud and Web

• Integrating identity and cloud security

• Full-featured “cloud aware” data security solution

• Simplify administration for a small staff

Leading provider of advanced home health services and medical equipment. Operates hundreds of locations throughout the United States with a large distributed and remote workforce, serving approx. 2 million patients each year.

Industry: Healthcare

BENEFITS







Netskope NextGen Secure Web Gateway

29

Granular visibility enables fine-grain control

Thousands of cloud services SSL/TLS traffic decrypted Cloud traffic decoded and

parsed

Sharing

Activity (share, upload, etc.)

On Slack

All Cloud services (including instance) and websites

On her laptop

Device (managed, unmanaged)C L O U D X D

Financials

Content/ Classification

Is remoteLocation

Kate from accounting

User, Group, OU

a a a a s r

OUTCOMES

Business enablement through ability to adopt their cloud strategy

Enhanced ability to support their remote workers to deliver better patient care

“With Netskope and Okta [we have] implemented cloud and web data loss prevention policy enforcement without placing a burden on personnel, while also providing employees and patients the assurance that their personal information is in safe hands.”

- CISO

GOALS

Enhance patient care and improve competitiveness

STRATEGY

Implement a cloud/mobile first approach to support their remote workforce and enhance patients’ ability to safely interact online

REQUIREMENTS

• Maintaining HIPAA compliance in the cloud

• Full visibility of data content & movement and user activities across Cloud and Web

• Integrating identity and cloud security

• Full-featured “cloud aware” data security solution

• Simplify administration for a small staff

Leading provider of advanced home health services and medical equipment. Operates hundreds of locations throughout the United States with a large distributed and remote workforce, serving approx. 2 million patients each year.

Industry: Healthcare

BENEFITS

Operational Efficiencies / Ease of Use: ● Integrated IDaaS and Cloud Security● Full control of SaaS and Web from one

cloud-native platform

Reduced Risk: ● Govern web usage with comprehensive

web classification and content filtering● modern data protection to identify PHI,

eliminate unauthorized access, and control the flow of PHI

Improved Compliance: ● Protect employee (PII) and patient

personally identifiable information (PHI)

Increased User Experience / Productivity: ● Improved the ease and speed of sharing

information — across multiple branches and business partners — to deliver better patient care

Top Requirements:

ü Full Visibility of cloud and web

ü Ease-of-use and deployment

ü Granular policy controls

OUTCOMESGOALS

Improve performance for China-based users accessing internal ERP apps via VDI

Urgent need to accommodate mandatory work-from-home (WFH) initiative

STRATEGIES

Leverage Netskope’s New Edge network in China to provide efficient routes to the corporate datacenter

Rollout Netskope Private Access to augment VPN infrastructure to meet urgent WFH need

REQUIREMENTS

• Ease-of-use and improved end-to-end performance for users outside of U.S.

• Rapid time-to-deployment for remote worker access to internal applications

BENEFITS

US based company with globally distributed research centers and manufacturing.16K usersIndustry:

Pharmaceutical







Building out massive, global footprint

Netskope NewEdge™ – Largest “Carrier-Grade” middle-mile overlay network

33

Breaking “unwritten rules” of the internet

100s direct interconnects with cloud providers,SaaS apps, and last mile providers

“Netskope is the internet for

business!”

Tier 1 SP InterconnectEx. Box, O365, Gsuite, Salesforce

Last Mile Provider #1Ex. Comcast

Last Mile Provider #2Ex. Verizon

IXC Provider #1Ex. Level3

Tier 1 SP InterconnectEx. AWS, Azure, GCP

IXC Provider #2Ex. AT&TCloudXD

Netskope Private Access

34

Private Appsin Corporate Data

Centers

Legend: Netskope Client Netskope Publisher

Private Appsin Public Cloud

Netskope Security Cloud

Remote Users

Offices

35

Legend: Netskope Client Netskope Publisher

Netskope Security Cloud

Remote Users

OfficesPrivate Apps

in Corporate Data Centers

Private Appsin Public Cloud

Netskope Private Access

OUTCOMES

Business enablement through increased productivity for users accessing business-critical applications

Was able to pivot quickly to accommodate increased remote workforce needs by augmenting their VPN

Future outcome – reducing cost of VPN by increasing use of NPA zero trust private access

GOALS

Improve performance for China-based users accessing internal ERP apps via VDI

Urgent need to accommodate mandatory work-from-home (WFH) initiative

STRATEGIES

Leverage Netskope’s New Edge network in China to provide efficient routes to the corporate datacenter

Rollout Netskope Private Access to augment VPN infrastructure to meet urgent WFH need

REQUIREMENTS

• Ease-of-use and improved end-to-end performance for users outside of U.S.

• Rapid time-to-deployment for remote worker access to internal applications

BENEFITS

Operational Efficiencies / Ease of Use: ● Integrated IDaaS with Cloud Security● Full control of SaaS and private

applications from one cloud-native platform

Reduced Risk: ● Improved visibility and security of O365

Increased User Experience / Productivity: ● Improved the ease and speed of sharing

information and accessing applications from worldwide locations

● Enabled IT admins to streamline access for the organization to ERP, databases, ticketing systems, and IT mgt tools within one week

US based company with globally distributed research centers and manufacturing.16K usersIndustry:

Pharmaceutical

Top Requirements:

ü High Performance

ü Rapid Deployment

Unified Capability Stack

Endpoint machines

Threat Intel

Exchange

Response Actions

UEBA & SOAR

CLOUD SECURITY

EDR

Web SaaS IaaS/PaaS

User & Entity Data

IDENTITY

Authentication & SSO

Response Actions

Private Access

(De)Provisioning

Steering

MonitoringValidating

Enforcement

2020 © Netskope. All rights reserved.

Thank You

Documents

Reimagine Your PROTECT DATA AND USERS EVERYWHERE … · Integrated IDaaS and Cloud Security Full control of SaaS and Web from one cloud-native platform Reduced Risk: Govern web usage