Upload
bitglass
View
82
Download
0
Embed Size (px)
Citation preview
webinaraugust 10
2016
what is a CASB?
STORYBOARDS
enterprise(CASB)
end-user devicesvisibility & analytics
data protectionidentity & access control
applicationstorageserversnetwork
CASBs secure data across any cloud app
app vendor
STORYBOARDS
CASB capabilities
identity
discovery
data-centric security
mobile
STORYBOARDS
casb securitya data-centric approach ■ Cloud data doesn’t exist only “in the
cloud”
■ IT must protect data at access and on any device
○ Granular DLP
○ Context-aware to distinguish between users, device type, more
○ Device controls on mobile
STORYBOARDS
mobile securitycloud and mobile are inseparable
■ IT must enable secure access to cloud apps from any device
■ BYOD poses a threat to data security due to a lack of visibility and control after download
■ CASBs accommodate user BYOD demands and IT security needs without agents
STORYBOARDS
how casb security works
reverse proxy■ unmanaged device controls without agents
forward proxy■ managed devices controls
activesync proxy■ secure email, calendar, etc on any mobile
device■ device level security - wipe, encryption, PIN
etc
STORYBOARDS
casb identitycentralized identity management is key in securing data
■ CASBs offer integrated identity management across apps
■ Limit potential breaches with step-up multifactor auth for high risk logins
STORYBOARDS
casb discoverygain visibility into your org’s cloud usage
■ Identify unsanctioned apps in use in your organization
○ Understand risk profiles of these frequently used apps
■ Intelligent, time-saving alerts out of the box
STORYBOARDS
managed devices
application access access control data protection
unmanaged devices /
byod
in the cloud
Forward ProxyActiveSync Proxy
Device Profile: Pass● Email● Browser● OneDrive Sync
● Full Access
Reverse Proxy + AJAX VMActiveSync Proxy
● DLP/DRM/encryption ● Device controls
API Control External Sharing Blocked
● Block external shares● Alert on DLP events
Device Profile: Fail● Mobile Email● Browser● Contextual multi-factor auth
typical use casehybrid CASBs provide real-time protection on any device
STORYBOARDS
secure office 365 + byod
client:
■ 35,000 employees globally
challenge: ■ Inadequate native O365 security■ Controlled access from any device■ Limit external sharing■ Interoperable with existing
infrastructure, e.g. Bluecoat, ADFS
solution: ■ Real-time data visibility and control ■ DLP policy enforcement at upload
or download■ Quarantine externally-shared
sensitive files in cloud ■ Controlled unmanaged device
access■ Shadow IT & Breach discovery
fortune 50 healthcar
efirm
STORYBOARDS
client:
■ 15,000 employees in 190+ locations globally
challenge:
■ Mitigate risks of Google Apps adoption
■ Prevent sensitive data from being stored in the cloud
■ Limit data access based on device risk level
■ Govern external sharing
solution:
■ Inline data protection for unmanaged devices/BYOD
■ Bidirectional DLP
■ Real-time sharing control
secure google apps +
byod
business data
giant
STORYBOARDS
about bitglass
total data
protection est. jan
2013
100+ custome
rs
tier 1 VCs
resources:more info about cloud security
■ whitepaper: the definitive guide to CASBs
■ report: cloud adoption by industry
■ case study: fortune 100 healthcare firm secure O365
STORYBOARDS
bitglass.com@bitglass