Presentation is loading. Please wait.

Presentation is loading. Please wait.

Complete Cloud Security

Similar presentations


Presentation on theme: "Complete Cloud Security"— Presentation transcript:

1 Complete Cloud Security
Bob Anderson Cybersecurity Account Manager

2 Any Cloud. Any Security. One Click.
Who We Are One View across All SaaS/IaaS Selection of Any Security from 60+ vendors All in a One-Click App Store Any Cloud. Any Security. One Click.

3 Got Cloud? Business Apps File Sharing ERP/CRM Collaboration IaaS

4 When you own the datacenter
All users connect via your security stack. Security Stack Your Data Your Servers Your Security Your Responsibility

5 When you move to the SaaS Cloud
Your Data Their Servers Their Security Your Responsibility?

6 The Shared Responsibility Model
Infrastructure as a Service (IaaS) Platform as a Service (PaaS) SaaS People Data Applications Runtime Middleware OS Virtual Network Hypervisor Servers Storage Physical Network Provider Responsibility Customer Responsibility

7 Your Responsibility Amazon is responsible for “security of the cloud”.
”Microsoft is not responsible for any incidents that result from your unauthorized action or lack of action when required, or from your employees, agents, contractors, or vendors, or otherwise resulting from your failure to follow appropriate security practices.” ”You will be solely responsible for maintaining appropriate security, protection and backup copies of the Content, which may include, your use of additional encryption technology to protect the Content from unauthorized access.” ”It is your responsibility to enforce the appropriate movement and access to this data at the level of your application. This includes preventing your end users from sharing critical information outside of your corporate network / public cloud infrastructure and ensuring you keep data that could identify a specific individual safe.” “Our Services let you share Your Stuff with others, so please think carefully about what you share. You're responsible for your conduct and Your Stuff. Dropbox syncs any files added to it. If someone adds files with a virus or malicious software, that file syncs to any computers linked to the account. ” Amazon is responsible for “security of the cloud”. The customer is responsible for “security in the cloud”.

8 Terms of Service “Microsoft is not responsible for any incidents that result from your unauthorized action or lack of action when required, or from your employees, agents, contractors, or vendors, or otherwise resulting from your failure to follow appropriate security practices.” “Microsoft is not responsible for compliance with any laws or regulations applicable to Customer or Customer’s industry that are not generally applicable to information technology service providers. Microsoft does not determine whether Customer Data includes information subject to any specific law or regulation.” Office 365 Online Services Terms

9 Your Responsibility User & Data Security Phishing Zero Day Malware
SaaS People Data Applications Runtime Middleware OS Virtual Network Hypervisor Servers Storage Physical Network User & Data Security Phishing Zero Day Malware Data Leak Prevention Account Takeover File Encryption Compliance

10 Gartner Framework for SaaS Security
Users Data Applications Runtime Middleware OS Virtual Network Hypervisor Servers Storage Physical Network Best Practices Users Multifactor Authentication Adaptive Access Control Entity Behavior Analytics Data Anti Phishing Antivirus Scanning Sandboxing DLP/Data Classification File Encryption App Monitoring Event Auditing Logging Alerting Enterprise Log Integration Compliance Enforcement

11 Spam Filtering AV Scanning Advanced Threat Protection Sandboxing ($2/user/month) Exchange Protection Encryption Data Loss Protection eDiscovery Advanced Data Loss Protection Advanced eDiscovery Customer Lockbox Threat Intelligence Cloud App Security Advanced Threat Protection Sandboxing (incl.)

12 “Best-Effort” Terms of Service
"Viruses" is defined as known malware: when widely used commercial virus scanning engines can detect the virus. The SLA shall not apply to spam, phishing and other scams, adware, and forms of spyware not known to the anti-virus community. Office 365 Online Services Terms

13 Microsoft vs Microsoft ATP
Percent of zero-day malware that bypassed protection. Lower is better. 60% 40% 20% Microsoft Microsoft Advanced Threat Protection (ATP) 1st 31st

14 The Problem Multiplied
How do you provide consistent protection across all cloud assets Siloed point solutions from SaaS or multiple vendors Need to ‘make the cloud compliant’.

15 The Avanan Cloud Security Platform
One View API Virtual Inline Connects Via API: No Proxy Gateway. No Agent Multiple Security Layers: All leading vendors in one click. Unified Dashboard: Standardized policy. Custom Workflow Enforcement.

16 Security Partners ‘Cloudified’ best of breed tools
Zero-configuration engine Available in ‘one-click’ app store Interchangeable. Future proof.

17 Full Stack Security For Any Cloud
Anti phishing Antivirus Malware Sandboxing AI Predictive Detection File Sanitization Data Security (DLP) Encryption Access Control Account Takeover Prot. Shadow SaaS Shadow IT SIEM Integration Compliance Enforcement Full Security Stack Zero-configuration One-click app store Future proof

18 Single Layer Security is not Security

19 Full Stack Malware Protection
No single technology can catch everything. But can a hacker bypass multilayer protection? MALWARE PHISHING EXPLOITS SPAM Default Security Signatures A.I. Sandbox Anti-Phishing

20 Multi-Technology Scanning
Sandboxing caught more than any other technology, but still only 79%. Sandboxing Alone Each layer catches fewer, but stops what the others miss. PREDICTIVE A.I ANTIVIRUS MALWARE SANDBOXING/THREAT EMULATION ANTI-PHISHING ANALYSIS BEHAVIOR ANALYSIS/ANOMALY DETECTION Plus Predictive AI Plus Antivirus Plus Anti-phishing Plus Anomaly Detection Only caught 19% but stopped 5 the others missed.

21 Advanced Threat Protection
Security Office 365 Default Advanced Threat Protection AVANAN Phishing Protections Spam Domain Spoofing Brand Impersonation User Impersonation Business Compromise Malware Protections Antivirus Signatures Sandboxing Active Content Analysis File Sanitization URL Protections Domain Reputation Filter Malicious File Analysis Page Emulation Analysis Brand Spoof Analysis Active Form Analysis

22 Virtual Inline for Email
Inbound, Outbound and Internal Messages Before it reaches the mailbox Includes default security Full control of the mailbox. Historical. Clawback. Beyond just Patented ‘virtual inline’. Default Security Full SaaS integration. Total Mailbox Control

23 Suite-based phishing is top attack vector
49% of breaches in 2017 used no malware SaaS is a global target Target is well understood technology Suite vendor’s trust in its own services User’s habitual trust in the suite

24 SmartPhish Anti-phishing
Inbound, Outbound and Internal Messages Full History: Company-wide Contextual Analysis AI Trained for what O365/Gmail Filters miss 300+ Indicators per Interactive Workflow Response Beyond just Patented ‘virtual inline’. Default Security Full SaaS integration. Total Mailbox Control Includes Both SaaS and Security Vendor Analysis

25 Data Classification/DLP
Cloudified data classification apps. Pre-configured, ‘one click’ engine. Cloud-contextual enforcement. API Optional: Third party tools for file encryption. Optional: Apply enterprise license of DLP engine. Optional: Connect cloud-based engine to datacenter manager.

26 Account Takeover Protection
Find Compromised Accounts Previous Breaches Across All SaaS Insider Threat Malicious Apps Shadow SaaS Malicious Config Your SaaS Phished Access Stolen Credential Insider Threat

27 Insecure Configurations
Risky Data Access Rules Forwarding Rules Insecure and Malicious Configuration or Permissions Malicious Apps, Shadow SaaS, Shadow IT

28 Policy Orchestration API Centralized Policy/Automated Workflows
One View Centralized Policy/Automated Workflows Normalized Event Information/Cross-cloud User Monitoring Unified Reporting/SIEM Integration Shared Datacenter Policy

29

30 Avanan 10-Minute Health Check
Takes 10 Minutes to Setup. Just click “OK” in our app store. Scan using the industry’s best technology Zero Day Malware Phishing s, Attachments, Malicious URLs Historical Breaches, Account Takeover No Obligation. Really. *Of course, the full scan takes longer than ten minutes. But you will start to get results immediately.

31 Any Cloud. Any Security. One Click.
Q&A Your 10-minute Health Check


Download ppt "Complete Cloud Security"

Similar presentations


Ads by Google