Download - Netskope — Shadow IT Is A Good Thing
![Page 1: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/1.jpg)
Making Shadow IT Work
![Page 2: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/2.jpg)
Dear ,
I love you, I hate you.
Regards,The CIO
![Page 3: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/3.jpg)
![Page 4: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/4.jpg)
CLOUD CAGR FOR ‘13-’17 WILL BE 5XOF IT INDUSTRY AS A WHOLE
![Page 5: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/5.jpg)
ORGANIZATIONS ARE PUTTING THECLOUD TO WORK FOR BUSINESS
![Page 6: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/6.jpg)
Who?
What?
When?
with Whom?
![Page 7: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/7.jpg)
unsanctioned CLOUD APPS 72%
* OneLogin Survey 2012
of people admit to using
![Page 8: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/8.jpg)
of CLOUD APPS don’t make the grade
75% Cloud App
Cloud App
Cloud App
Cloud App
REPORT CARD
* Netskope Research, Adapted from CSA’s Cloud Controls Matrix
![Page 9: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/9.jpg)
Evaluating Apps on Objective Criteria
• Measure of a cloud app’s enterprise-readiness• Based on the app’s security, auditability, and
business continuity• Based on 30+ objective criteria adapted from the
Cloud Security Alliance
EXCELLENT HIGH MEDIUM LOW POOR
* Netskope Research, Adapted from CSA’s Cloud Controls Matrix
![Page 10: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/10.jpg)
1%
22%34%16%27%
EXCELLENT
HIGH
MEDIUM
LOW
POOR
* Netskope Research, Adapted from CSA’s Cloud Controls Matrix
![Page 11: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/11.jpg)
* Netskope Research, Adapted from CSA’s Cloud Controls Matrix
![Page 12: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/12.jpg)
Reasons Apps Do Well and Fall Short
* Netskope Research, Adapted from CSA’s Cloud Controls Matrix
![Page 13: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/13.jpg)
* Netskope Research, Adapted from CSA’s Cloud Controls Matrix
![Page 14: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/14.jpg)
Example: User and Admin Audit• Admin audit logs• Change/upgrade notifications• Data access logs• Infrastructure status reports• User audit logs
![Page 15: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/15.jpg)
Example: Certifications and Compliance• Compliance certifications– HIPAA– PCIDSS– etc.
• Datacenter certifications– SOC-1, -2– ISO27001– etc.
![Page 16: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/16.jpg)
Key Capabilities• Audit and alert capabilities• Certifications and compliance• Data classification capabilities• Disaster recovery and business continuity• Encryption• File sharing• Policy enforcement and access control
![Page 17: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/17.jpg)
April 14, 202317
10%
90%
Most Organizations Underestimate
Cloud App Usage by 90%
![Page 18: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/18.jpg)
CLOUD HAS CREATED A BLIND SPOT
The average number of security
While the percent of people stating they “don’t know”
Source: PwC
In the past 2 years…
if they’ve had a security breach increased 100%
incidents has risen 25%
![Page 19: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/19.jpg)
The Multiplier Effect of a Cloud Breach
3.3 devices perknowledge worker
50% of people share content via unapproved cloud services
90% of organizationsthat lost sensitivecontent via file sharing
5 out of top 10 data breaches involved cloud
?Source: Cisco Source: Ponemon
Source: CRNSource: Ponemon
0100011 110 01 1
1010
![Page 20: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/20.jpg)
Cost of a data breach:
$5.4 million
Source: Ponemon
• Remediation costs• Brand and reputation impact• Loss of intellectual property• Fines for non-compliance• Cost and time for reporting and prevention
![Page 21: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/21.jpg)
Yet, people love their cloud apps, and for good
reasonAnywhere Access CollaborationProductivity
![Page 22: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/22.jpg)
CAN’T COMPLY WITH SOX, ETC.
• Public biosciences co. would like to embrace cloud, but doesn’t know what services are running
• Can’t evaluate new services
• Can’t attest to access/auth usage for SOX and other regs, e.g., HIPAA
![Page 23: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/23.jpg)
POTENTIAL DATA LEAKAGE
• Large media firm discovered a dozen cloud storage apps, plus others in which data could be shared
• IT must see what sensitive data are being uploaded
• Then, see whether data are being shared, and with whom
![Page 24: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/24.jpg)
POST-EVENT FORENSICS
• High tech company suspects theft of proprietary documents by a departing employee
• IT must construct audit trail, showing user download from corporate account and subsequent upload to and share from personal account
![Page 25: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/25.jpg)
DISCOVER APPS & EVALUATE RISK
• Discover all apps, known or not• Objectively evaluate apps’
enterprise-readiness • Score apps on security,
auditability, and business continuity
![Page 26: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/26.jpg)
ANALYZE USAGE
• Discover who’s using what apps, from where, and on what device
• See what class of data are being uploaded, downloaded, shared
• See with whom data are shared
![Page 27: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/27.jpg)
LIMIT ACTIVITIES VS. BLOCK APPS
• Rather than block an app, limit usage (e.g., don’t share with people outside of the company)
• Use context such as user, location, device, data class, and user activity
![Page 28: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/28.jpg)
VERIFY AND THEN TRUST
• Create risk model of scenarios involving user, app, data, activity, and other contextual factors
• Set watch lists on scenarios that represent the most risk
![Page 29: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/29.jpg)
CONSIDER CONTEXT IN EVERYTHING YOU
DO• Consider contextual factors when
shining a light on shadow IT, running analytics and setting policies
• Think about user, group, location, time, device, OS, app, and app score
![Page 30: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/30.jpg)
1. DISCOVER cloud apps and evaluate risk2. Analyze USAGE3. LIMIT activities vs. blocking apps4. VERIFY and then trust5. Consider CONTEXT in everything you do
![Page 31: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/31.jpg)
![Page 32: Netskope — Shadow IT Is A Good Thing](https://reader036.vdocuments.site/reader036/viewer/2022062709/5590effe1a28ab16458b456a/html5/thumbnails/32.jpg)
THANK YOU