casbs: critical capabilities - in partnership with isc(2)
TRANSCRIPT
![Page 1: CASBs: Critical Capabilities - in partnership with ISC(2)](https://reader038.vdocuments.site/reader038/viewer/2022110109/586e71d01a28ab99598b4e6d/html5/thumbnails/1.jpg)
webinarmar 10
2016
cloud access security brokers:critical
capabilities
![Page 2: CASBs: Critical Capabilities - in partnership with ISC(2)](https://reader038.vdocuments.site/reader038/viewer/2022110109/586e71d01a28ab99598b4e6d/html5/thumbnails/2.jpg)
■ challenges ■ what is a casb■ about us
![Page 3: CASBs: Critical Capabilities - in partnership with ISC(2)](https://reader038.vdocuments.site/reader038/viewer/2022110109/586e71d01a28ab99598b4e6d/html5/thumbnails/3.jpg)
STORYBOARDS
the traditional approach to
security is inadequate
![Page 4: CASBs: Critical Capabilities - in partnership with ISC(2)](https://reader038.vdocuments.site/reader038/viewer/2022110109/586e71d01a28ab99598b4e6d/html5/thumbnails/4.jpg)
STORYBOARDS
native security features can’t be relied upon:the data blind spot
componentsusage/consumption
dataapplication
servicesservers & storage
network
layer
data
application
infrastructure
owner
enterprise
![Page 5: CASBs: Critical Capabilities - in partnership with ISC(2)](https://reader038.vdocuments.site/reader038/viewer/2022110109/586e71d01a28ab99598b4e6d/html5/thumbnails/5.jpg)
STORYBOARDS
security must evolve
to protect data outside the firewall
cloud:attack on
SaaS vendor risks
sensitive data
access:uncontrolled access from any device
network:data breach - exfiltration &
Shadow IT
mobile:lost device
with sensitive data
5
![Page 6: CASBs: Critical Capabilities - in partnership with ISC(2)](https://reader038.vdocuments.site/reader038/viewer/2022110109/586e71d01a28ab99598b4e6d/html5/thumbnails/6.jpg)
■ challenges ■ what is a casb■ about us
![Page 7: CASBs: Critical Capabilities - in partnership with ISC(2)](https://reader038.vdocuments.site/reader038/viewer/2022110109/586e71d01a28ab99598b4e6d/html5/thumbnails/7.jpg)
STORYBOARDS
CASB: a better approach to cloud security
identity
discovery
data-centric security
mobile
![Page 8: CASBs: Critical Capabilities - in partnership with ISC(2)](https://reader038.vdocuments.site/reader038/viewer/2022110109/586e71d01a28ab99598b4e6d/html5/thumbnails/8.jpg)
STORYBOARDS
casb discovery:gain visibility into your org’s cloud usage■ analyze outbound data flows
to learn what SaaS apps your organization is using
■ understand risk profiles of different apps
■ essential in process of enabling secure cloud app usage
![Page 9: CASBs: Critical Capabilities - in partnership with ISC(2)](https://reader038.vdocuments.site/reader038/viewer/2022110109/586e71d01a28ab99598b4e6d/html5/thumbnails/9.jpg)
STORYBOARDS
casb security:a data-centric approach
the new data reality requires a new security architecture
■ cross-device, cross-platform agentless data protection
■ granular DLP for data at rest and in motion
■ contextual access control
■ detailed logging for compliance and audit
![Page 10: CASBs: Critical Capabilities - in partnership with ISC(2)](https://reader038.vdocuments.site/reader038/viewer/2022110109/586e71d01a28ab99598b4e6d/html5/thumbnails/10.jpg)
STORYBOARDS
mobile security cannot be overlooked:protect data across all devices, managed and unmanaged
■ demand for byod continues to rise
■ employees have rejected mdm and mam
■ IT must securely enable access to frequently used apps
![Page 11: CASBs: Critical Capabilities - in partnership with ISC(2)](https://reader038.vdocuments.site/reader038/viewer/2022110109/586e71d01a28ab99598b4e6d/html5/thumbnails/11.jpg)
STORYBOARDS
casb identity:centralized identity management is key in securing data
■ cloud app identity management should maintain the best practices of on-prem identity
■ limit potential breaches with contextual multi-factor auth for high risk logins
![Page 12: CASBs: Critical Capabilities - in partnership with ISC(2)](https://reader038.vdocuments.site/reader038/viewer/2022110109/586e71d01a28ab99598b4e6d/html5/thumbnails/12.jpg)
STORYBOARDS
managed devices
application access access control data protection
unmanaged devices /
byod
in the cloud
Forward ProxyActiveSync Proxy
Device Profile: Pass● Email● Browser● OneDrive Sync
● Full Access
Reverse Proxy + AJAX VMActiveSync Proxy
● DLP/DRM/encryption ● Device controls
API Control External Sharing Blocked
● Block external shares● Alert on DLP events
Device Profile: Fail● Mobile Email● Browser● Contextual multi-factor auth
typical use case:only CASB with real-time data protection on any device
![Page 13: CASBs: Critical Capabilities - in partnership with ISC(2)](https://reader038.vdocuments.site/reader038/viewer/2022110109/586e71d01a28ab99598b4e6d/html5/thumbnails/13.jpg)
STORYBOARDS
fortune 50conglomerate
use case:
■ office 365 access control
why bitglass:
■ controlled access from any device (ajax-vm)
■ transparent deployment
■ 30,000 employees
■ 100s of locations globally
![Page 14: CASBs: Critical Capabilities - in partnership with ISC(2)](https://reader038.vdocuments.site/reader038/viewer/2022110109/586e71d01a28ab99598b4e6d/html5/thumbnails/14.jpg)
■ challenges ■ what is a casb■ about us
![Page 15: CASBs: Critical Capabilities - in partnership with ISC(2)](https://reader038.vdocuments.site/reader038/viewer/2022110109/586e71d01a28ab99598b4e6d/html5/thumbnails/15.jpg)
STORYBOARDS
our mission
total data
protection
![Page 16: CASBs: Critical Capabilities - in partnership with ISC(2)](https://reader038.vdocuments.site/reader038/viewer/2022110109/586e71d01a28ab99598b4e6d/html5/thumbnails/16.jpg)
STORYBOARDS
our solutions
cloud mobile discovery
![Page 17: CASBs: Critical Capabilities - in partnership with ISC(2)](https://reader038.vdocuments.site/reader038/viewer/2022110109/586e71d01a28ab99598b4e6d/html5/thumbnails/17.jpg)
STORYBOARDSData Exfiltration (Malware hosts, TOR, Phishing…)
Integrated Identity & SSO
Mobile SecurityActiveSync Proxy
Visibility & Control: Data-at-restAPI integration
Data Protection Watermarking, Encryption,
DLP, DRM
Access ControlForward Proxy
Reverse Proxy + AJAX-VM
Cloud Encryptio
n
ShadowIT
Access Control SAML Proxy
the only casb withreal-time inline data protection on any device
out of band
in band
![Page 18: CASBs: Critical Capabilities - in partnership with ISC(2)](https://reader038.vdocuments.site/reader038/viewer/2022110109/586e71d01a28ab99598b4e6d/html5/thumbnails/18.jpg)
STORYBOARDS
trusted at over 100
enterprises
healthcare
finance
pharmaceutical
manufacturing
media
higher ed
![Page 19: CASBs: Critical Capabilities - in partnership with ISC(2)](https://reader038.vdocuments.site/reader038/viewer/2022110109/586e71d01a28ab99598b4e6d/html5/thumbnails/19.jpg)
resources:more info about cloud security
■ definitive guide to casbs
■ bitglass report: project cumulus
■ glass class: cloud security priorities for 2016
![Page 20: CASBs: Critical Capabilities - in partnership with ISC(2)](https://reader038.vdocuments.site/reader038/viewer/2022110109/586e71d01a28ab99598b4e6d/html5/thumbnails/20.jpg)
download the gartner market guide to casbs
with predictions and recommendations, the market guide is an essential resource for formulating your CASB strategy
download the report
![Page 21: CASBs: Critical Capabilities - in partnership with ISC(2)](https://reader038.vdocuments.site/reader038/viewer/2022110109/586e71d01a28ab99598b4e6d/html5/thumbnails/21.jpg)
STORYBOARDS
bitglass.com@bitglass