Upload
others
View
5
Download
0
Embed Size (px)
Citation preview
© Okta and/or its affiliates. All rights reserved. Okta Confidential
Reimagine YourPerimeter
PROTECT DATA ANDUSERS EVERYWHERE
SAFELY ENABLE THE CLOUD AND WEB
DELIVER SECURITYTHAT IS FAST ANDSCALABLE
April 2020
Full visibility
Real-time compliance
User-experience
Dave Garrison, Solutions Engineer
Jeremiah Kear | Solutions EngineerSouthern California
Our mission is to enable any organization to use any technology
© Okta and/or its affiliates. All rights reserved. Okta Confidential
Okta at a Glance
Founded in 2009Pioneered Identity Management in the Cloud
NASDAQ Listed April, 2017
8,000+ CustomersSMB to Fortune 500,every industry, every geography
10M+Daily UsersPeople use Okta to securely connect to the tools they need to be productive
6,600+IntegrationsIndustry’s broadest, deepest network of integrations
9X Gartner MQ LeaderOnly vendor in the industry to achieve this
© Okta and/or its affiliates. All rights reserved. Okta Confidential 4
Category Creator, Category Leader
Gartner Magic QuadrantAccess Management, August 2019
Forrester WaveIdentity-As-A-Service, June 2019
© Okta and/or its affiliates. All rights reserved.
Forrester WaveZero Trust, October 2019
© Okta and/or its affiliates. All rights reserved. Okta Confidential 5
Network Perimeter
TRUSTED UNTRUSTED
The Old Approach to Security Relies on the Network Perimeter
© Okta and/or its affiliates. All rights reserved. Okta Confidential 6
RESOURCES
Infrastructure
IaaS On Prem Servers
Applications
Cloud apps On Prem Apps
APIs
Public Private
Mobile and Cloud Have Dissolved the Traditional Perimeter
Result: We can no longer assume trust
PEOPLE
Employees Privileged Users Contractors Partners Customers
© Okta and/or its affiliates. All rights reserved. Okta Confidential 7
RESOURCES
Infrastructure
IaaS On Prem Servers
Applications
Cloud apps On Prem Apps
APIs
Public Private
PEOPLE
Employees Privileged Users Contractors Partners Customers
People Are the New Perimeter
Contextual Access
The
rightpeople
that is
assessed continuously
have the
right level of access
to the
right resources
in the
rightcontext
Modern Access Management
Least Friction Possible
Why do millions of people use Okta every day?
© Okta and/or its affiliates. All rights reserved.
Because the cloud has changed everything.
© Okta and/or its affiliates. All rights reserved.
Workforce
Workforce
© Okta and/or its affiliates. All rights reserved.
© Okta and/or its affiliates. All rights reserved.
Customers
Customers
© Okta and/or its affiliates. All rights reserved.
© Okta and/or its affiliates. All rights reserved. Okta Confidential 14
UniversalDirectory
SingleSign-On
Adaptive MFA
LifecycleManagement
API AccessManagement
Advanced Server Access
Access Gateway
Developer SDKs
Increase M&A Agility
Modernize Enterprise IT
Reduce IT Friction
Build 100% Cloud/Mobile IT
Decrease costs while increasing efficiency
Protect AgainstData Breaches
Enable Mobile Workforce
Secure the business
Secure, Seamless Customer Experience
Collaboratewith Partners
Accelerate business growth
© Okta and/or its affiliates. All rights reserved. Okta Confidential
• Lack of corporate devices to take home then vendors were sold out• Everyone needs VPN to access resources that are hosted on-prem• Immediate need for new collaboration apps
What companies did?• Enabled VPN and sent users home with their work computers• Went to a ”Bring Your Own Device” model and allowed personal computer access
Challenge: Enabling All Users To Work From Home
15
© Okta and/or its affiliates. All rights reserved. Okta Confidential
• Users are now connecting from their untrusted home networks and or device• VPN will give users blanket access across multiple corporate resources• Users are more relaxed as far as what they’re accessing and opening• Pandemic Phishing campaigns have exploded
Challenge: Securing employees that are now WFH
16
© Okta and/or its affiliates. All rights reserved. Okta Confidential
• Users are not inside the office• Very manual lifecycle process in many systems, done by many people.• Access is left open to terminated users
Challenge: Rapid User Onboarding/Offboarding
17
© Okta and/or its affiliates. All rights reserved. Okta Confidential
• Adoption of more best-of-breed collaboration apps (Zoom, Slack, Box, etc.) – SSO• Secure the identity from untrusted locations and or untrusted devices – AMFA• Secure VPN Access – MFA• Mitigate Phishing related risk - SSO/AMFA• Rapid user onboarding/offboarding - LCM• HR driven lifecycle(From IT to HR) – LCM• Self-Service Forgot Password/Unlock Account - UD• Lower VPN overutilization – OAG• Simple, secure, and quick time-to-value with best-of-breed apps –
SSO/LCM/AMFA
Use Cases – How Okta Can Help
18
Thank You
© Okta and/or its affiliates. All rights reserved. Okta Confidential
Okta for Emergency Remote Work
What?
Offering:• SSO to 5 Apps (Includes basic MFA - Okta Verify OTP)• 6600+ out of the box applications on the OIN• MFA for VPN• Sign up by April 30, 2020
Why?• Help companies quickly adopt, secure, and rollout new cloud apps• Do what we can to help companies during these challenging times• Okta is measuring success as number of orgs that sign up
Cost?• Free for six months (Okta may extend pending status of crisis)• Must be new Okta customers• Partners can bundle with other complimentary partner offerings
How to sign up? • Contact your Okta Account Executive or• Okta Emergency Remote Work - https://www.okta.com/okta-for-emergency-remote-work
© Okta and/or its affiliates. All rights reserved. Okta Confidential
What challenges are you facing today?
Please use chat to share your company’s challenges
© Okta and/or its affiliates. All rights reserved.
© Okta and/or its affiliates. All rights reserved. Okta Confidential
• Example: Enabling all users to work from home
Challenges
22
2020 © Netskope. All rights reserved.
Netskope at a Glance
Founded in 2012
25% of Fortune 100
50 Billion transactions per day
1000’s of apps safely enabled
3X Gartner MQ Leader
Launched first CASB in 2012 and expanded platform from 2015 to present with Public Cloud Security, Next Gen SWG, and Private Access
The largest organizations in the world trust Netskope to secure their journey to the cloud
The Netskopesecurity cloud is accessible within 20ms of most of the world’s population
Netskope enables organizations to move from traditional blocking to safely enabling the cloud
Recognized for vision and ability to execute
© Okta and/or its affiliates. All rights reserved. Okta Confidential
Remote Work Increasing Exponentially Due to COVID-19
https://www.netskope.com/blog/category/netskope-threat-research-labs
© Okta and/or its affiliates. All rights reserved. Okta Confidential
Public Clouds Data Centres
PRIVATE APPS
Remote and On-premises
workers Netskope
Netskope
CLOUD APPS
Security Cloud &Private Edge network
Next GenerationSecure Web Gateway (NG SWG)
Zero Trust Network Access(ZTNA)
-Data & Threat Protection
-Compliance-Visibility
Secure, Fast & Scalable Access
WEBSITES
VPN
ü Single Client (optional)
ü Single Consoleü Global Infrastructure
Web Private Apps Cloud
CASB Web Security Zero TrustDatacenter
Netskope Security Cloud Platform
OUTCOMESGOALS
Enhance patient care and improve competitiveness
STRATEGY
Implement a cloud/mobile first approach to support their remote workforce and enhance patients’ ability to safely interact online
REQUIREMENTS
• Maintaining HIPAA compliance in the cloud
• Full visibility of data content & movement and user activities across Cloud and Web
• Integrating identity and cloud security
• Full-featured “cloud aware” data security solution
• Simplify administration for a small staff
Leading provider of advanced home health services and medical equipment. Operates hundreds of locations throughout the United States with a large distributed and remote workforce, serving approx. 2 million patients each year.
Industry: Healthcare
BENEFITS
ü Single Client (optional)
ü Single Consoleü Global Infrastructure
Web Private Apps Cloud
CASB Web Security Zero TrustDatacenter
Netskope Security Cloud Platform
© Okta and/or its affiliates. All rights reserved. Okta Confidential
Netskope NextGen Secure Web Gateway
29
Granular visibility enables fine-grain control
Thousands of cloud services SSL/TLS traffic decrypted Cloud traffic decoded and
parsed
Sharing
Activity (share, upload, etc.)
On Slack
All Cloud services (including instance) and websites
On her laptop
Device (managed, unmanaged)C L O U D X D
Financials
Content/ Classification
Is remoteLocation
Kate from accounting
User, Group, OU
a a a a s r
OUTCOMES
Business enablement through ability to adopt their cloud strategy
Enhanced ability to support their remote workers to deliver better patient care
“With Netskope and Okta [we have] implemented cloud and web data loss prevention policy enforcement without placing a burden on personnel, while also providing employees and patients the assurance that their personal information is in safe hands.”
- CISO
GOALS
Enhance patient care and improve competitiveness
STRATEGY
Implement a cloud/mobile first approach to support their remote workforce and enhance patients’ ability to safely interact online
REQUIREMENTS
• Maintaining HIPAA compliance in the cloud
• Full visibility of data content & movement and user activities across Cloud and Web
• Integrating identity and cloud security
• Full-featured “cloud aware” data security solution
• Simplify administration for a small staff
Leading provider of advanced home health services and medical equipment. Operates hundreds of locations throughout the United States with a large distributed and remote workforce, serving approx. 2 million patients each year.
Industry: Healthcare
BENEFITS
Operational Efficiencies / Ease of Use: ● Integrated IDaaS and Cloud Security● Full control of SaaS and Web from one
cloud-native platform
Reduced Risk: ● Govern web usage with comprehensive
web classification and content filtering● modern data protection to identify PHI,
eliminate unauthorized access, and control the flow of PHI
Improved Compliance: ● Protect employee (PII) and patient
personally identifiable information (PHI)
Increased User Experience / Productivity: ● Improved the ease and speed of sharing
information — across multiple branches and business partners — to deliver better patient care
Top Requirements:
ü Full Visibility of cloud and web
ü Ease-of-use and deployment
ü Granular policy controls
OUTCOMESGOALS
Improve performance for China-based users accessing internal ERP apps via VDI
Urgent need to accommodate mandatory work-from-home (WFH) initiative
STRATEGIES
Leverage Netskope’s New Edge network in China to provide efficient routes to the corporate datacenter
Rollout Netskope Private Access to augment VPN infrastructure to meet urgent WFH need
REQUIREMENTS
• Ease-of-use and improved end-to-end performance for users outside of U.S.
• Rapid time-to-deployment for remote worker access to internal applications
BENEFITS
US based company with globally distributed research centers and manufacturing.16K usersIndustry:
Pharmaceutical
ü Single Client (optional)
ü Single Consoleü Global Infrastructure
Web Private Apps Cloud
CASB Web Security Zero TrustDatacenter
Netskope Security Cloud Platform
© Okta and/or its affiliates. All rights reserved. Okta Confidential
Building out massive, global footprint
Netskope NewEdge™ – Largest “Carrier-Grade” middle-mile overlay network
33
Breaking “unwritten rules” of the internet
100s direct interconnects with cloud providers,SaaS apps, and last mile providers
“Netskope is the internet for
business!”
Tier 1 SP InterconnectEx. Box, O365, Gsuite, Salesforce
Last Mile Provider #1Ex. Comcast
Last Mile Provider #2Ex. Verizon
IXC Provider #1Ex. Level3
Tier 1 SP InterconnectEx. AWS, Azure, GCP
IXC Provider #2Ex. AT&TCloudXD
Netskope Private Access
34
Private Appsin Corporate Data
Centers
Legend: Netskope Client Netskope Publisher
Private Appsin Public Cloud
Netskope Security Cloud
Remote Users
Offices
35
Legend: Netskope Client Netskope Publisher
Netskope Security Cloud
Remote Users
OfficesPrivate Apps
in Corporate Data Centers
Private Appsin Public Cloud
Netskope Private Access
OUTCOMES
Business enablement through increased productivity for users accessing business-critical applications
Was able to pivot quickly to accommodate increased remote workforce needs by augmenting their VPN
Future outcome – reducing cost of VPN by increasing use of NPA zero trust private access
GOALS
Improve performance for China-based users accessing internal ERP apps via VDI
Urgent need to accommodate mandatory work-from-home (WFH) initiative
STRATEGIES
Leverage Netskope’s New Edge network in China to provide efficient routes to the corporate datacenter
Rollout Netskope Private Access to augment VPN infrastructure to meet urgent WFH need
REQUIREMENTS
• Ease-of-use and improved end-to-end performance for users outside of U.S.
• Rapid time-to-deployment for remote worker access to internal applications
BENEFITS
Operational Efficiencies / Ease of Use: ● Integrated IDaaS with Cloud Security● Full control of SaaS and private
applications from one cloud-native platform
Reduced Risk: ● Improved visibility and security of O365
Increased User Experience / Productivity: ● Improved the ease and speed of sharing
information and accessing applications from worldwide locations
● Enabled IT admins to streamline access for the organization to ERP, databases, ticketing systems, and IT mgt tools within one week
US based company with globally distributed research centers and manufacturing.16K usersIndustry:
Pharmaceutical
Top Requirements:
ü High Performance
ü Rapid Deployment
Unified Capability Stack
Endpoint machines
Threat Intel
Exchange
Response Actions
UEBA & SOAR
CLOUD SECURITY
EDR
Web SaaS IaaS/PaaS
User & Entity Data
IDENTITY
Authentication & SSO
Response Actions
Private Access
(De)Provisioning
Steering
MonitoringValidating
Enforcement
2020 © Netskope. All rights reserved.
Thank You