Presentation is loading. Please wait.

Presentation is loading. Please wait.

Complete Cloud Security

Similar presentations


Presentation on theme: "Complete Cloud Security"— Presentation transcript:

1 Complete Cloud Security
Heather DeSiena Cybersecurity Account Manager

2 Any Cloud. Any Security. One Click.

3 Got Cloud? Business Apps File Sharing ERP/CRM Collaboration IaaS

4 When you move to the SaaS Cloud
Users connect from everywhere So do the hackers. Your Data Not Your Servers Not Your Security Attack Surface

5 The Shared Responsibility Model
Infrastructure as a Service (IaaS) Platform as a Service (PaaS) SaaS People Data Applications Runtime Middleware OS Virtual Network Hypervisor Servers Storage Physical Network Provider Responsibility Customer Responsibility

6 Your Responsibility User & Data Security Phishing Zero Day Malware
SaaS People Data Applications Runtime Middleware OS Virtual Network Hypervisor Servers Storage Physical Network User & Data Security Phishing Zero Day Malware Data Leak Prevention Account Takeover File Encryption Compliance Best Practice Document?

7 $24.00 Virus Detection Service Level Agreement:
user/year Advanced Threat Protection for Virus Detection Service Level Agreement: "Viruses" is defined as known malware: when widely used commercial virus scanning engines can detect the virus. The SLA shall not apply to spam, phishing and other scams, adware, and forms of spyware not known to the anti-virus community. What are the technology limitations? ”Good Enough” vs “Best of Breed” Particular--

8 Your Responsibility Amazon is responsible for “security of the cloud”.
”Microsoft is not responsible for any incidents that result from your unauthorized action or lack of action when required, or from your employees, agents, contractors, or vendors, or otherwise resulting from your failure to follow appropriate security practices.” ”You will be solely responsible for maintaining appropriate security, protection and backup copies of the Content, which may include, your use of additional encryption technology to protect the Content from unauthorized access.” ”It is your responsibility to enforce the appropriate movement and access to this data at the level of your application. This includes preventing your end users from sharing critical information outside of your corporate network / public cloud infrastructure and ensuring you keep data that could identify a specific individual safe.” “Our Services let you share Your Stuff with others, so please think carefully about what you share. You're responsible for your conduct and Your Stuff. Dropbox syncs any files added to it. If someone adds files with a virus or malicious software, that file syncs to any computers linked to the account. ” We consider customer data ‘toxic sludge’. We don’t want to see it. We don’t want to touch it. We are not responsible for what’s inside. Amazon is responsible for “security of the cloud”. The customer is responsible for “security in the cloud”.

9 The Problem No consistent protection across all cloud assets Siloed point solutions from multiple vendors “I have 3 people and 27 security solutions” -Saj Haider, Oakhill CISO Need to ‘make the cloud compliant’. No consistent protection across all cloud assets Default solutions range from none to limited Few enforcement options Missing centralized management or reporting Siloed point solutions from multiple vendors No single vendor can solve the problem Landscape is constantly changing “I have 3 people and 27 security solutions”, -Saj Haider, Oakhill CISO Phishing/Account Takeover is existential threat to cloud Little the SaaS provider can do Tools adapted from data-center not equipped to detect

10 The Avanan Advantage API Connects Via API: No Proxy Gateway. No Agent
One View API Connects Via API: No Proxy Gateway. No Agent Multiple Security Layers: All leading vendors in one click. Unified Dashboard: Standardized policy. Custom Workflow Enforcement.

11 How We Do It API Connects Via API No proxy gateway. All devices.
Connection from Avanan to cloud app via API File uploaded to ShareFile (on prem or cloud) Avanan scans files for threats or sensitive data Take action based upon policy violations Connects Via API No proxy gateway. All devices. No change in experience.

12 How We Do It API Connects Via API
Connection from Avanan to cloud app via API File uploaded to ShareFile (on prem or cloud) Avanan scans files for threats or sensitive data Take action based upon policy violations Connects Via API Data-at-rest rest, uploaded or changed files New document quarantined before scanned

13 How We Do It API Connects Via API
Connection from Avanan to cloud app via API File uploaded to ShareFile (on prem or cloud) Avanan scans files for threats or sensitive data Take action based upon policy violations Connects Via API Data-at-rest rest, uploaded or changed files Each file is scanned for malware or confidential information By multiple tools in parallel. Additional tools add no additional latency. Scan takes less time than typical service sync time.

14 How We Do It API Connects Via API
Connection from Avanan to cloud app via API File uploaded to ShareFile (on prem or cloud) Avanan scans files for threats or sensitive data Take action based upon policy violations Connects Via API Data-at-rest rest and uploaded or changed files Each file is scanned for malware or confidential information Actions based upon policy Quarantine. Encrypt. Change Share Permissions.

15 Security Partners ‘Cloudified’ best of breed tools
Zero-configuration engine Available in ‘one-click’ app store Interchangeable. Future proof.

16 Full Stack Security For Any Cloud
Anti phishing Antivirus Malware Sandboxing AI Predictive Detection File Sanitization Data Security (DLP) Encryption Access Control Account Takeover Prot. Shadow SaaS Shadow IT SIEM Integration Compliance Enforcement Full Security Stack Zero-configuration One-click app store Future proof Best in Breed

17 Best in Breed Partners

18

19 Full Stack Malware Protection
No single technology can catch everything. But can a hacker bypass multilayer protection? MALWARE PHISHING EXPLOITS SPAM Default Security Signatures A.I. Sandbox Anti-Phishing

20 Data Classification/DLP
Cloudified data classification apps. Pre-configured, ‘one click’ engine. Cloud-contextual enforcement. API Optional: Third party tools for file encryption. Optional: Apply enterprise license of DLP engine. Optional: Connect cloud-based engine to datacenter manager.

21 SmartPhish Anti-phishing
Inbound, Outbound and Internal Messages Full History: Company-wide Contextual Analysis AI Trained for what O365/Gmail Filters miss 300+ Indicators per Interactive Workflow Response Beyond just Patented ‘virtual inline’. Default Security Full SaaS integration. Total Mailbox Control SmartPhish: Avanan’s own Anti-phishing Technology More Data. More Analysis. Machine Learning: 200+ indicators per Big Data Analysis: Historical and real time context analysis Interactive Remediation and real-time learning True Cloud Integration “Virtual Inline”: After native security, before inbox (Patented) All Communication: Inbound, Outbound, Internal, Historical More than File-Sharing, Slack, Collaboration, etc. Workflow: Granular, interactive remediation and blocking Includes Both SaaS and Security Vendor Analysis

22 Account Takeover Protection
Find Compromised Accounts Previous Breaches Across All SaaS Insider Threat Malicious Apps Shadow SaaS Malicious Config Your SaaS Account Take Over Detects compromised accounts whether through phish or lost password Identifies previous breaches before deployment Monitors all activity across all SaaS. Not just suspicious logins Insider threat – malicious downloads, shares, configuration, Insecure Configuration Identifies both insecure and malicious configuration Risky data access permissions Changes on login configurations (E.g. Disable MFA) Malicious Apps, Apps with excessive permissions, Shadow SaaS Unique To Avanan Real time, ongoing and historical breach detection on first connect Analysis across all SaaS, across all history, for full context Across multiple security layers for defense-in-depth Phished Access Stolen Credential Insider Threat

23 Insecure Configurations
Risky Data Access Rules Forwarding Rules Insecure and Malicious Configuration or Permissions Malicious Apps, Shadow SaaS, Shadow IT Account Take Over Detects compromised accounts whether through phish or lost password Identifies previous breaches before deployment Monitors all activity across all SaaS. Not just suspicious logins Insider threat – malicious downloads, shares, configuration, Insecure Configuration Identifies both insecure and malicious configuration Risky data access permissions Changes on login configurations (E.g. Disable MFA) Malicious Apps, Apps with excessive permissions, Shadow SaaS Unique To Avanan Real time, ongoing and historical breach detection on first connect Analysis across all SaaS, across all history, for full context Across multiple security layers for defense-in-depth

24 Policy Orchestration Automated Workflows Centralized Policy Unified Reporting SIEM Integration Shared Datacenter Policy Normalized Event Information Cross-cloud User Monitoring

25 Case Study: Global Services Company
Problem Multi-SaaS Deployment Consistent DLP Policy across data center and cloud Malware/Phishing Avanan Deployment Installed to solve malware problem. Added DLP, SmartPhish. Used current Palo Alto license. One-click integration with data center DLP Manager. Competitive Each SaaS solution incompatible. Palo Alto’s own solution not sufficient. ServiceSource Enabled SaaS: google_mail,google_drive,box,office365_onedrive,office365_ sEnabled Anti Phishing: Enabled DLP: dlp_symantecEnabled AV: wildfireCredit Card Numbers: 8291Social Security Numbers: 256SandBlast Finding: 24

26 Any Cloud. Any Security. One Click.
Thank You! Q&A

27 Avanan 1-Minute Health Check
Free Scan of your Cloud Takes 1 Minute to Setup. Just click “OK” in the app store. Scan using the industry’s best technology Zero Day Malware Phishing s, Attachments, Malicious URLs Personally Identifiable Information, Credit Cards, etc. No Obligation. Really. *Full scan takes longer than one minute. But you will start to get results immediately.

28 14 Day Trial Day 1 Day 3 Day 7 Day 14 Trial Kickoff Review Results
10 Minute Setup Define Use Cases Initial Scan Monitor Mode Review Results Scan Analysis 5 User Prevent Mode Q&A Prevent Mode Review Prevent Mode Analysis Review Workflow Validate End User Experience Best Practice Review Trial Wrap-up Live Trial Review Executive Summary Report 10 Minutes 30 Minutes

29 Virtual Inline Deployment
Patented “Virtual Inline Deployment” Better than inline proxy because: No rerouting of traffic. Invisible to users. All users, not just your employees. All devices, not just web browsers. Better than MTA Mail Proxy because All , not just inbound. Internal ! Can scan and quarantine already in inbox Not just Slack, Teams, etc. Patented ‘virtual inline’ enforcement. SmartPhish: Avanan’s own Anti-phishing Technology More Data. More Analysis. Machine Learning: 200+ indicators per Big Data Analysis: Historical and real time context analysis Interactive Remediation and real-time learning True Cloud Integration “Virtual Inline”: After native security, before inbox (Patented) All Communication: Inbound, Outbound, Internal, Historical More than File-Sharing, Slack, Collaboration, etc. Workflow: Granular, interactive remediation and blocking

30 The Targets Account Takeover SaaS Apps
Verizon Data Breach Investigations Report

31 Suite-based phishing is top attack vector
49% of breaches in 2017 used no malware SaaS is a global target Target is well understood technology User’s habitual trust in the suite


Download ppt "Complete Cloud Security"

Similar presentations


Ads by Google