Presentation is loading. Please wait.

Presentation is loading. Please wait.

Next-Gen CASB We are Bitglass, the total data protection company and a global CASB and agentless mobile security company based in Silicon Valley enabling.

Published bySurya Kartawijaya Modified over 6 years ago

Similar presentations

Presentation on theme: "Next-Gen CASB We are Bitglass, the total data protection company and a global CASB and agentless mobile security company based in Silicon Valley enabling."— Presentation transcript:

1 Next-Gen CASB We are Bitglass, the total data protection company and a global CASB and agentless mobile security company based in Silicon Valley enabling real-time end-to-end data protection, from the cloud to the device.

2 Cloud Platform and Application Security
Olav Jensen Regional Sales Director

3 Zero-day data & threat protection for any app, any device, anywhere
Mission Next-Gen CASB Zero-day data & threat protection for any app, any device, anywhere Our goal is to provide every customer complete data protection for any app you may have deployed, any device with access to corporate data and applications, and from anywhere – on the corporate network and outside the corporate network,

4 The Problem Cloud and mobile are beyond the firewall...
Unmanaged apps Managed apps Legacy Tech Firewall Premises DLP MDM SSL VPN Web Proxy Data leakage & threat risk Unmanaged devices Managed devices ...leaving legacy security technologies obsolete.

5

6

7 Augmented Application & Platform Security
Access Controls – Differentiated access based on user, device, geography Managed Device vs. Unmanaged Device (BYOD, Kiosk, etc.) Block native application clients on BYOD – OneDrive Sync Client Mobile Data Protection Policies UEBA External sharing Uniform Session Management Inactivity timers Anti-malware scanning Inspection inline and at rest Uniform Access Logging Who, what, when, where

8 Augmented Application & Platform Security (cont.)
Encryption Upload and download – inline At rest DLP initiated File permission settings - public/private DLP pattern match Integrated Identity Management w/ MFA Mobile Data Protection Selective wipe Selective restore Inline redaction and content blocking based on DLP policy

9 Managed Apps Proxy + API Contextual access control
Major SaaS Long-tail SaaS Internal Apps → IaaS Proxy + API Contextual access control DLP w/ adv. remediation Field and file encryption Known & Zero-day malware protection Account hijack protection Data Protection Threat Protection Zero-Day CoreTM Identity Visibility Integrated Single Sign-On (SSO) Step-up multifactor auth Session management UEBA Policy-based remediation Agent/Agentless Proxy Agentless Proxy Managed Devices Unmanaged Devices

10 Managed App Example: Office 365
Identity Step-up MFA for risky behavior/logins Control access to O365 from unmanaged devices Session management Data Protection Identification and selective encryption of PII Control external sharing via OneDrive, Sharepoint Block OneDrive sync client on select devices Visibility Comprehensive visibility and forensics across cloud footprint Data-at-rest and data-in-transit visibility Threat Protection Stop known and zero-day threats before upload to OneDrive Block attachments containing malware Scan and quarantine malware at-rest in OneDrive

11 Data Leakage Prevention
Flexible DLP Policy options Pre-built library for common identifiers (PCI, PII, SSN, GDPR, etc) Custom patterns - keyword, regex, exact match, occurrence, proximity, advanced expression language Import from prem DLP (SYMC, McAfee, etc) ICAP integration to any prem DLP Advanced remediation - allow without risk Alert, Track/Watermark, Encrypt, DRM, Redact, Block Read-only/Preview

12 Agentless Mobile + Activesync Proxy
Deploy without MDM hassles Secure , contacts, calendars No software or profiles Maintain privacy - only corporate traffic inspected Any mobile device + modern Outlook clients Control flow of data to device DLP, Access Control, Threat Protection Extend SSO to Activesync Secure data on device Patented agentless selective wipe Agentless device config (PIN, encryption, etc) Control rogue apps (Cloudmagic, Outlook for iOS) Data Protection Threat Protection Zero-Day CoreTM Identity Visibility

13 DLP blocking Our goal is to provide every customer complete data protection for any app you may have deployed, any device with access to corporate data and applications, and from anywhere – on the corporate network and outside the corporate network,

14 Inline redaction Our goal is to provide every customer complete data protection for any app you may have deployed, any device with access to corporate data and applications, and from anywhere – on the corporate network and outside the corporate network,

15 Identity Management Authenticate via Bitglass IdP, AD, or any 3rd party IAM Bitglass auto-redirect via proxy SAML transparently redirects users from any cloud app No vanity URLs, device config, or user experience change Only CASB with native identity management AD/local authentication and sync Contextual multifactor authentication Integration with existing solutions ActiveDirectory sync and provisioning Support for all major IdPs including ADFS, Ping, Okta SAML / WS-Fed IDP SAML SP AD Sync + Auth

16 Advanced Threat Protection
Built-in Protection O365 and G Suite feature limited threat protection Other cloud apps offer no protection Standard Threat Protection, included Block known threats with file hashes and signatures Feed from 13 industry-leading AV engines Advanced Threat Protection – powered by Cylance Block all zero-day threats with AI-based predictive engine Requires additional license

17 Full-Strength Cloud Encryption
Store private cloud data in public cloud apps Encrypt structured (field) and unstructured (file) data BYOK (via KMIP) or CloudHSM service Maintain full application functionality Searchable and sortable Crypto-independent implementation Full-strength security US Patent 9,047,480 Operations-preserving 256-bit AES with 256-bit IV Competition Maximum 20-bit IVs to support search Search performance drops with IV length No wild-card search, partial-word search...

18 Managed App Visibility
Cross-app visibility & analytics Deep “access” visibility via proxies “Cloud” data-at-rest visibility via API Suspicious activity detection Cross-app behavioral analysis Configurable alerting and SIEM/SOC integration Step-up MFA and other response actions

19 Real-time data protection,
Only Bitglass Zero-day security, any app or workload Agentless deployment, any device Real-time data protection, anywhere Bitglass is uniquely capable of protecting any application and any workload – from SaaS and IaaS to premises apps like Microsoft Exchange. Unlike cumbersome deployments for some security solutions, Bitglass is easy to deploy on any device – managed or unmanaged. With no agents to install, Bitglass protects BYO devices, managed assets, and everything in between with ease. Real-time data protection works everywhere, whether you’re in the office, out at a Starbucks, or at home. The same visibility, controls, and protections apply.

20 Total Data Protection We are Bitglass, the total data protection company and a global CASB and agentless mobile security company based in Silicon Valley enabling real-time end-to-end data protection, from the cloud to the device.

Download ppt "Next-Gen CASB We are Bitglass, the total data protection company and a global CASB and agentless mobile security company based in Silicon Valley enabling."

Similar presentations

Embrace Mobility. Without Compromise. The apps they need. On the devices they want. Without sacrificing compliance. Strategic Approach to Mobile Security.

Embrace Mobility. Without Compromise. The apps they need. On the devices they want. Without sacrificing compliance. Strategic Approach to Mobile Security.
Extending ForeFront beyond the limit www.AGATSolutions.com TMGUAG ISAIAG AG Security Suite.

Extending ForeFront beyond the limit TMGUAG ISAIAG AG Security Suite.
The Natural way for Secure Mobile Email v.1.4 www.AGATSolutions.com.

The Natural way for Secure Mobile v.1.4
Taking Control of Cloud Security Travis Abrams. Consulting and Professional Services Health checks Deployment services Strategic Partner VAR Board Leadership.

Taking Control of Cloud Security Travis Abrams. Consulting and Professional Services Health checks Deployment services Strategic Partner VAR Board Leadership.
SharePoint Server Exchange Server CORPORATE NETWORK Mobile devices PCs Browsers INTERNET DMZ Active Directory Policies Filter EAS Filter web access.

SharePoint Server Exchange Server CORPORATE NETWORK Mobile devices PCs Browsers INTERNET DMZ Active Directory Policies Filter EAS Filter web access.
Script Kiddies; CybercrimeCyber-espionage; Cyber-warfare CybercriminalsState sponsored actions; Unlimited resources Attacks on fortune 500All sectors.

Script Kiddies; CybercrimeCyber-espionage; Cyber-warfare CybercriminalsState sponsored actions; Unlimited resources Attacks on fortune 500All sectors.
Empower Enterprise Mobility Jasbir Gill Azure Mobility.

Empower Enterprise Mobility Jasbir Gill Azure Mobility.
Extending Forefront beyond the limit TMG UAG ISA IAG Security Suite www.SecureMobileEmail.com www.AGATSolutions.com.

Extending Forefront beyond the limit TMG UAG ISA IAG Security Suite
123456789101112…. PrePlanPrepareMigratePost Pre- Deployment PlanPrepareMigrate Post- Deployment First Mailbox.

…. PrePlanPrepareMigratePost Pre- Deployment PlanPrepareMigrate Post- Deployment First Mailbox.
Network security Product Group 2 McAfee Network Security Platform.

Network security Product Group 2 McAfee Network Security Platform.
Extending ISA/IAG beyond the limit. AGAT Security suite - introduction AGAT Security suite is a set of unique components that allow extending ISA / IAG.

Extending ISA/IAG beyond the limit. AGAT Security suite - introduction AGAT Security suite is a set of unique components that allow extending ISA / IAG.
Yair Grindlinger, CEO and Co-Founder Do you know who your employees are sharing their credentials with? Do they?

Yair Grindlinger, CEO and Co-Founder Do you know who your employees are sharing their credentials with? Do they?
Get identities to the cloud Mix on-premises and cloud identity for improved PC, mobile, and web productivity Cloud identities help you run your business.

Get identities to the cloud Mix on-premises and cloud identity for improved PC, mobile, and web productivity Cloud identities help you run your business.
FND2851. Mobile First | Cloud First Sixty-one percent of workers mix personal and work tasks on their devices* >Seventy-five percent of network intrusions.

FND2851. Mobile First | Cloud First Sixty-one percent of workers mix personal and work tasks on their devices* >Seventy-five percent of network intrusions.
Employees use multiple devices Employees use both corporate and personal applications Data is stored in various locations Cybersecurity is a top concern.

Employees use multiple devices Employees use both corporate and personal applications Data is stored in various locations Cybersecurity is a top concern.
Pat Fetty – Principal PM Manager Securing your mobile assets with Microsoft Intune WIN33 1.

Pat Fetty – Principal PM Manager Securing your mobile assets with Microsoft Intune WIN33 1.
Craig Pringle & Derek Moir

Craig Pringle & Derek Moir
Why EMS? What benefit does EMS provide O365 customers Manage Mobile Productivity Increase IT ProductivitySimplify app delivery and deployment LOB Apps.

Why EMS? What benefit does EMS provide O365 customers Manage Mobile Productivity Increase IT ProductivitySimplify app delivery and deployment LOB Apps.
Agenda  Microsoft Directory Synchronization Tool  Active Directory Federation Server  ADFS Proxy  Hybrid Features – LAB.

Agenda  Microsoft Directory Synchronization Tool  Active Directory Federation Server  ADFS Proxy  Hybrid Features – LAB.
Go mobile. Stay in control. Craig Morris EMPOWER ENTERPRISE MOBILITY.

Go mobile. Stay in control. Craig Morris EMPOWER ENTERPRISE MOBILITY.

Similar presentations

Ads by Google