Perimeters and Unicorns: Two Things That Only Exist in IT Fairyland Gary Paluch, CISSP, Sr. Sales Engineer.

Slides:

Advertisements

Similar presentations

Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.

Advertisements

New Solutions to New Threats. The Threats, They Are A Changing Page 2 | © 2008 Palo Alto Networks. Proprietary and Confidential.

Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 25 & 27 November 2013.

Security for Today’s Threat Landscape Kat Pelak 1.

Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility. Simplify authentication.

Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.

What is it? CLOUD COMPUTING.  Connects to the cloud via the Internet  Does computing tasks, or  Runs applications, or  Stores Data THE AVERAGE CLOUD.

Introducing TakeCharge SyncedTool The most secure, agile hosted file-sharing platform for business.

Secure Private Cloud Storage for Business. The Market Trend File Sharing Any Device Any Where Public clouds are good enough to personal users but security.

Mobility Methods for document access while away from the office.

© Centrify Corporation. All Rights Reserved. Unified Identity Management across Data Center, Cloud and Mobile.

Company/Product Overview. You have lots of files all over the place.

Welcome to iDOC Corp. DocHost Solution Online Document Management DocHost 14 Day Free Trial

Peter R. Pietzuch Ioannis Papagiannis Peter Pietzuch Large-Scale Distributed Systems Group ACM Cloud Computing.

Zscaler New Interface and Reporting From Saturday 8 th June 2013.

Introduction Thomson Chan Rosaryhill School

Copyright © 2015 Centrify Corporation. All Rights Reserved. 1 Secure & Unified Identity for End Users & Privileged Users.

Salesgenie Enterprise Solution Mike Peterson - Sales Director Infogroup Enterprise Solutions

1 Proprietary & Confidential. 2 When Not Controlling Info... Proprietary & Confidential  High costs when loosing…  Financial documents  M&A info (UBS.

CIO Perspectives on Security Fabrício Brasileiro Regional Sales Manager.

Yair Grindlinger, CEO and Co-Founder Do you know who your employees are sharing their credentials with? Do they?

BEN ROBINSON, ACCOUNT EXECUTIVE, PALO ALTO NETWORKS SAFELY ENABLE YOUR SAAS APPLICATIONS.

What is it? CLOUD COMPUTING.  Connects to the cloud via the Internet  Does computing tasks, or  Runs applications, or  Stores Data THE AVERAGE CLOUD.

What’s New Data Loss Prevention 14. Information is Everywhere Brings Productivity, Agility, Convenience ……and Problems Copyright © 2015 Symantec Corporation.

Box.net Kerndeep Sidhu. What is Box.net? Provides cloud content management Empowers users to access and share content online Allows IT professionals to.

Copyright © 2015 Centrify Corporation. All Rights Reserved. 1 Company Overview & Strategy Lance McAndrew Product Line Sales Engineer.

© 2015 IBM Corporation John Guidone Account Executive IBM Security IBM MaaS360.

Blue Coat Confidential Web and Mobile Application Controls Timothy Chiu Director of Product Marketing, Security July 2012.

Your data, protected and under control wherever they go SealPath Enterprise – IRM

1© Copyright 2012 EMC Corporation. All rights reserved. Next Generation Authentication Bring Your Own security impact Tim Dumas – Technology Consultant.

Complete Cloud Security Anyone, anywhere, any app, any device.

Blue Coat Cloud Continuum

Microsoft Ignite /1/ :41 PM BRK3249

Office 365 Advanced Security Management

Microsoft Cloud App Security

Protect your Digital Enterprise

Secure your complete data lifecycle using Azure Information Protection

Cloud App Security vs. O365 Advanced Security Management

Do you know who your employees are sharing their credentials with

Identity & Access Management for a cloud-first, mobile-first world

Perimeters and Unicorns: Two Things That Only Exist in IT Fairyland Gary Paluch, CISSP, Sr. Sales Engineer We’re all familiar with the term “Shadow IT’.

Basic Policy Overview Palo Alto.

7/23/2018 6:01 PM BRK2282 Protecting complete data lifecycle using Microsoft’s information protection capabilities Gagan Gulati Alex Li Principal.

9/4/2018 6:45 PM Secure your Office 365 environment with best practices recommended for political campaigns Ethan Chumley Campaign Technology Advisor Civic.

The Information Protection Problem

Identity Driven Security

Cyber Attacks on Businesses 43% of cyber attacks target small business Only 14% of small business rate their ability to mitigate cyber risk highly.

Secure your complete data lifecycle using Azure Information Protection

Eliminate Service Outages with Microsoft Azure and ServiceNow

9/14/2018 2:22 AM THR2026 Set up secure and efficient collaboration for your organization with Office 365 Joe Davies Senior Content Developer Brenda Carter.

Understanding best practices in classifying sensitive data

Microsoft Ignite /18/2018 9:42 AM

Secure & Unified Identity

Prevent Costly Data Leaks from Microsoft Office 365

Analysing and Classifying Data at Rest

Introduction to Soonr by ….

Information Security Awareness 101

Company Overview & Strategy

Skyhigh Enables Enterprises to Use Productivity Tools of Microsoft Office 365 While Meeting Their Security, Compliance & Governance Requirements Partner.

Cloud Access Security Broker Lets Enterprises Enforce Security and Compliance in Office 365 Partner Logo “Skyhigh helps us securely enable high-impact.

Understanding IDENTITY Assurance

Running a Tight Ship: Controlling Microsoft Teams

Searchable. Secure. Simple.

Using the Cloud App Marketplace Monitoring cloud app migrations

Protecting your data with Azure AD

4/9/ :42 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.

Company Name | Phone Number | Website | Address

Microsoft Data Insights Summit

AIR-T11 What We’ve Learned Building a Cyber Security Operation Center: du Case Study Tamer El Refaey Senior Director, Security Monitoring and Operations.

Presentation transcript:

Perimeters and Unicorns: Two Things That Only Exist in IT Fairyland Gary Paluch, CISSP, Sr. Sales Engineer

2 The perimeter as you know it is

The Rise of Consumer-Driven IT MOBILITYVIRTUALIZATION & CLOUD Campus-based client/server TODAY Remote and Line of Business SaaS usage BYO and Consumerization SaaS App Explosion (iPhone is born) Salesforce.com is born

There are 10,000 enterprise apps today (and growing).

© 2015 Netskope. All Rights Reserved. How Do Cloud Apps Get In? 5 IT-led Business-led User-led 10% 70% 20% Mostly Unsanctioned Sanctioned

6 Actual: 715 IT estimate: Source: Netskope Data Not just individuals… 64 Marketing 47 Collaboration 40 HR These were controlled by IT

7 apps 700+ cloud apps per enterprise 90% are not enterprise-ready users Malicious or non- intentional 15% of corporate users have had their account credentials compromised data 18% of files in cloud apps constitute a policy violation 22% of those files are shared publicly activities Cloud makes it easy to share When is an activity an anomaly?

Catch-22

Allow is the new block (allow is new block green light slide) 9

6 Steps to Mitigating Cloud Usage Risk (without blocking everything)

STEP 1: Discover the cloud apps running in your enterprise and assess risk

STEP 2: Understand cloud usage details v v Bob in accounting From his mobile phone v Uploading customer data to Dropbox v Bob’s credentials have been compromised

Traditional perimeter security is blind to cloud activity Perimeter SecurityCloud Security 2.0 Number of cloud apps HundredsThousands Bytes ✔✔ Basic session Info ✔✔ Cloud app enterprise-readiness score ✔ Activity-level details for all cloud apps ✔ Content-level details for files tied to an activity or for files stored in a cloud app ✔ © 2015 Netskope. All Rights Reserved.

Perimeter security lacks activity and content visibility 14 Web session start Login as: Browser/OS From: IP address To: IP address URL Category: File Sharing/ Storage HTTP GET/POST/ DELETE/CONNECT HTTP headers GET and POST Body Identity App Activity Data Summary Perimeter Security Cloud Security 2.0 Web session end Login: URL: Box Category: File Sharing Using: Macbook, Safari 6.0 From: IP address To: IP address Login as: Box ID: Using: Macbook/Safari From: Mtn View, CA Destination: App located in Germany To user: sharing a doc with App: Box Category: Cloud Storage App Instance: Corporate CCL: High Risk: High Login Upload Download Share Logout Invite Edit View… PII/PCI/PHI data Other sensitive classifications Login: Box: ID App: Box Instance: Corporate Using: Macbook, Safari 6.0 From: Mountain View, CA Activities: Create Folder, Move Files (4), Share Folder w/ Anomalies: Downloaded a PII doc from SFDC, uploaded to box

STEP 3: Monitor activities, detect anomalies, and conduct forensics

STEP 4: Find sensitive data tied to an activity or stored in a cloud app

STEP 5: Use surgical precision in your policies, leveraging contextual data

© 2015 Netskope. All Rights Reserved. Examples of using context in your policies 18 Quarantine PII data uploaded to risky cloud storage apps Allow marketing and support teams to post to social media, but block finance team Don’t allow data marked “confidential” to be shared outside of our company Alert users using their personal Dropbox to use a sanctioned cloud app instead

STEP 6: Don’t leave users in the dark. Coach them on safe usage.

5: Use surgical precision in your policies, leveraging contextual data 3: Monitor activities, detect anomalies, conduct forensics, and find sensitive data 2: Understand cloud usage details 4: Find sensitive data part associated with an activity or stored in a cloud app 1: Discover the cloud apps running in your enterprise and assess risk 6: Don’t leave users in the dark. Coach them on safe usage.