webinaraugust 10

2016

what is a CASB?

STORYBOARDS

enterprise(CASB)

end-user devicesvisibility & analytics

data protectionidentity & access control

applicationstorageserversnetwork

CASBs secure data across any cloud app

app vendor

STORYBOARDS

CASB capabilities

identity

discovery

data-centric security

mobile

STORYBOARDS

casb securitya data-centric approach ■ Cloud data doesn’t exist only “in the

cloud”

■ IT must protect data at access and on any device

○ Granular DLP

○ Context-aware to distinguish between users, device type, more

○ Device controls on mobile

STORYBOARDS

mobile securitycloud and mobile are inseparable

■ IT must enable secure access to cloud apps from any device

■ BYOD poses a threat to data security due to a lack of visibility and control after download

■ CASBs accommodate user BYOD demands and IT security needs without agents

STORYBOARDS

how casb security works

reverse proxy■ unmanaged device controls without agents

forward proxy■ managed devices controls

activesync proxy■ secure email, calendar, etc on any mobile

device■ device level security - wipe, encryption, PIN

etc

STORYBOARDS

casb identitycentralized identity management is key in securing data

■ CASBs offer integrated identity management across apps

■ Limit potential breaches with step-up multifactor auth for high risk logins

STORYBOARDS

casb discoverygain visibility into your org’s cloud usage

■ Identify unsanctioned apps in use in your organization

○ Understand risk profiles of these frequently used apps

■ Intelligent, time-saving alerts out of the box

STORYBOARDS

managed devices

application access access control data protection

unmanaged devices /

byod

in the cloud

Forward ProxyActiveSync Proxy

Device Profile: Pass● Email● Browser● OneDrive Sync

● Full Access

Reverse Proxy + AJAX VMActiveSync Proxy

● DLP/DRM/encryption ● Device controls

API Control External Sharing Blocked

● Block external shares● Alert on DLP events

Device Profile: Fail● Mobile Email● Browser● Contextual multi-factor auth

typical use casehybrid CASBs provide real-time protection on any device

STORYBOARDS

secure office 365 + byod

client:

■ 35,000 employees globally

challenge: ■ Inadequate native O365 security■ Controlled access from any device■ Limit external sharing■ Interoperable with existing

infrastructure, e.g. Bluecoat, ADFS

solution: ■ Real-time data visibility and control ■ DLP policy enforcement at upload

or download■ Quarantine externally-shared

sensitive files in cloud ■ Controlled unmanaged device

access■ Shadow IT & Breach discovery

fortune 50 healthcar

efirm

STORYBOARDS

client:

■ 15,000 employees in 190+ locations globally

challenge:

■ Mitigate risks of Google Apps adoption

■ Prevent sensitive data from being stored in the cloud

■ Limit data access based on device risk level

■ Govern external sharing

solution:

■ Inline data protection for unmanaged devices/BYOD

■ Bidirectional DLP

■ Real-time sharing control

secure google apps +

byod

business data

giant

STORYBOARDS

about bitglass

total data

protection est. jan

2013

100+ custome

rs

tier 1 VCs

resources:more info about cloud security

■ whitepaper: the definitive guide to CASBs

■ report: cloud adoption by industry

■ case study: fortune 100 healthcare firm secure O365

STORYBOARDS

bitglass.com@bitglass