1. Perimeters and Unicorns: Two Things That Only Exist in IT Fairyland Gary Paluch, CISSP, Sr. Sales Engineer

2. 2 The perimeter as you know it is

3. The Rise of Consumer-Driven IT MOBILITYVIRTUALIZATION & CLOUD Campus-based client/server 2000 2007 TODAY Remote and Line of Business SaaS usage BYO and Consumerization SaaS App Explosion (iPhone is born) Salesforce.com is born

4. There are 10,000 enterprise apps today (and growing).

5. © 2015 Netskope. All Rights Reserved. How Do Cloud Apps Get In? 5 IT-led Business-led User-led 10% 70% 20% Mostly Unsanctioned Sanctioned

6. 6 Actual: 715 IT estimate: 40-50 Source: Netskope Data Not just individuals… 64 Marketing 47 Collaboration 40 HR These were controlled by IT

7. 7 apps 700+ cloud apps per enterprise 90% are not enterprise-ready users Malicious or non- intentional 15% of corporate users have had their account credentials compromised data 18% of files in cloud apps constitute a policy violation 22% of those files are shared publicly activities Cloud makes it easy to share When is an activity an anomaly?

8. Catch-22

9. Allow is the new block (allow is new block green light slide) 9

10. 6 Steps to Mitigating Cloud Usage Risk (without blocking everything)

11. STEP 1: Discover the cloud apps running in your enterprise and assess risk

12. STEP 2: Understand cloud usage details v v Bob in accounting From his mobile phone v Uploading customer data to Dropbox v Bob’s credentials have been compromised

13. Traditional perimeter security is blind to cloud activity Perimeter SecurityCloud Security 2.0 Number of cloud apps HundredsThousands Bytes ✔✔ Basic session Info ✔✔ Cloud app enterprise-readiness score ✔ Activity-level details for all cloud apps ✔ Content-level details for files tied to an activity or for files stored in a cloud app ✔ © 2015 Netskope. All Rights Reserved.

14. Perimeter security lacks activity and content visibility 14 Web session start Login as: mary@acme Browser/OS From: IP address To: IP address www.box.com URL Category: File Sharing/ Storage HTTP GET/POST/ DELETE/CONNECT HTTP headers GET and POST Body Identity App Activity Data Summary Perimeter Security Cloud Security 2.0 Web session end Login: mary@acme.com URL: Box Category: File Sharing Using: Macbook, Safari 6.0 From: IP address To: IP address Login as: mary@acme Box ID: mary@gmail Using: Macbook/Safari From: Mtn View, CA Destination: App located in Germany To user: sharing a doc with “John@Newco” App: Box Category: Cloud Storage App Instance: Corporate CCL: High Risk: High Login Upload Download Share Logout Invite Edit View… PII/PCI/PHI data Other sensitive classifications Login: mary@acme.com Box: ID mary@gmail.com App: Box Instance: Corporate Using: Macbook, Safari 6.0 From: Mountain View, CA Activities: Create Folder, Move Files (4), Share Folder w/ John@NewCo Anomalies: Downloaded a PII doc from SFDC, uploaded to box

15. STEP 3: Monitor activities, detect anomalies, and conduct forensics

16. STEP 4: Find sensitive data tied to an activity or stored in a cloud app

17. STEP 5: Use surgical precision in your policies, leveraging contextual data

18. © 2015 Netskope. All Rights Reserved. Examples of using context in your policies 18 Quarantine PII data uploaded to risky cloud storage apps Allow marketing and support teams to post to social media, but block finance team Don’t allow data marked “confidential” to be shared outside of our company Alert users using their personal Dropbox to use a sanctioned cloud app instead

19. STEP 6: Don’t leave users in the dark. Coach them on safe usage.

20. 5: Use surgical precision in your policies, leveraging contextual data 3: Monitor activities, detect anomalies, conduct forensics, and find sensitive data 2: Understand cloud usage details 4: Find sensitive data part associated with an activity or stored in a cloud app 1: Discover the cloud apps running in your enterprise and assess risk 6: Don’t leave users in the dark. Coach them on safe usage.