Enabling Dropbox for Business


Upload: elastica-inc

Post on 16-Jul-2015


Agenda

• Introduction
• Discussion
• Demo
• Q&A – If you have any questions during the event, please type them into the panel on the right side of your screen.

elastica.net

Speaker

Santiago Polo, Sr. Systems Engineer

Copyright (C) 2015 Elastica, Inc. Confidential Information. Do Not Distribute!

Enabling Dropbox for Business

Dropbox for Business is a secure solution

• Excellent security team and controls in place to protect your data from hackers
• More and more enterprises are confident trusting their data with Dropbox
• Can be deployed with a Single Sign-On solution

What is not secure…

• Password-based authentication has inherent limitations
• Human Nature – intentional or accidental misuse of a valuable tool
• Even if the tool is secure, organizations need to govern their use of the tool

• Compliance Risks?
• Compromised Credentials?
• Malicious Insiders?
• Data Governance?
• Malware Threats?
• Unsecured BYOD Access?

Threat Vectors

No malicious intent, just bad practice

• Inappropriate sharing of critical content
• Broad sharing of data outside of specified groups
• Moving restricted data between services
• Sending data to external sources without considering implications
• Failing to limit collaborators to appropriate groups

Determined internal threat

• Disgruntled employee
• Dishonest Employee
• Employee leaving to join competitor
• Terminated employee who still has access
• Uploading critical data to personal storage

Compromised devices or credentials

• Phishing attacks
• Man in the middle
• Keystroke loggers
• Stolen device
• Stolen credentials
• Socially engineered theft

12% 7% 80%

Aberdeen Group report, SaaS Data Loss — The Problem You Didn’t Know You Had (2014)

Malware Example

Zeus-like Malware targets Cloud Apps

• Zeus-style malware hidden under user HTTPS session
• Illegal transactions made. Data stolen and uploaded under HTTPS session!
• No visibility

Who Controls Sharing?

• Sharing has become democratized (no longer top-down controls)
• Even file owners no longer fully control how their files are shared

Shadow Data

• Alice shares a file with Bob
• Bob shares that file publicly without Alice’s knowledge


Shadow Data

• Inadvertent Sharing
• Legacy Sharing
• Over Sharing
• Public Shares / “Loose” Shares
• Inherited File & Folder Permissions
• Forgotten Shares

Former staff, freelance contractor, media contact with access to master “marketing” folder

Shadow Data

• 2037 files stored in the cloud per user (average)
• 185 files per user are broadly shared (average): All Company 68%, External 19%, Public 13%
• 20% of these files contain compliance related data: PII 56%, PHI 29%, PCI 15%
• 5% of users responsible for 85% of risk!

Required Granularity of Visibility and Control

Bob Shared Payroll.docx with Alice

But it’s not that simple:

• Alice is an External Collaborator
• Using Dropbox
• From an Unmanaged Device
• The File Contains PII Risk
• From an Anomalous Location

Traditional Security Approaches Fall Short

• Relies on outdated perimeter concept
• Does not understand cloud app activity at a granular level
• Is not context aware
• Many times ignores encrypted traffic
• Assumes links are safe

Traditional Company Environment

Gaining Visibility into Cloud Apps

[Diagram: Gateway, front door, back door]

Data Science Enables File Sharing in the Cloud

StreamIQ™

• Deep visibility into encrypted cloud traffic
• Extracts all cloud service objects and activities (upload, download, share, delete)
• Understands internal vs. external collaborators

ContentIQ™

• Machine learning, semantic analysis, natural language processing, etc. used to provide accurate file classification and risk assessment (PII, PCI, HIPAA, Source Code, etc.)
• Use the above in policy to easily alert, block, or remediate

ThreatScore™

• Dozens of machine learning models run per-user against StreamIQ™ events to tease out weak signals indicating compromise, intentional malicious activity, or accidental risky behavior
• Never before possible at this scale

100’s of thousands of users harnessing the power of the cloud

Applying Data Science to Analyze User Behavior

StreamIQ™: Event Extraction & Recording

Applying Data Science to Analyze User Behavior

Analyze User Behavior: a unique graph for each individual

What happens when suspicious activity occurs? Deviation

Applying Data Science to Analyze User Behavior

Dynamically Assign ThreatScore™

ThreatScore™ given based on severity of suspicious activity (deviation)

ContentIQ™ — Classifying the data

ContentIQ™ — Classifying the data

• Deep Content Inspection
• Minimize False Positives

Data Science Powered™ Cloud App Security

• Elastica GW, Cloud APIs, FW Logs
• Elastica CloudSOC™
• Business Readiness Rating™
• ThreatScore™
• Content Classification: PII, PCI, PHI, Source Code
• Granular Cloud Usage
• StreamIQ™
• Machine Learning, Semantic Analysis, Natural Language Processing, Graph Theory

Data Science Powered™ Cloud App Security

Fully understand how files are being shared in your organization

• Quick and Easy – setup in minutes.
• Start seeing results in a couple hours!

Expose risky content and develop policy/coach users

• Find PII, PCI, HIPAA, Encrypted/Compressed Files, Source Code and more

Drill down on risky behaviors and perform immediate incident response

• Find compromised user accounts, suspicious behavior, malware

Get your Shadow Data Risk Assessment from your local Elastica team today!

Visit us to learn how you can find risks and protect critical content in your file sharing apps.

elastica.net

Enabling Dropbox for Business