casbs: real world use cases
TRANSCRIPT
webinarmar 16
2016
cloud access security brokers:
real world use cases
STORYBOARDS
the traditional approach to
security is inadequate
STORYBOARDS
native security features can’t be relied upon:the data blind spot
componentsusage/consumption
dataapplication
servicesservers & storage
network
layer
data
application
infrastructure
owner
enterprise
poll:what are your
top cloud security needs?
STORYBOARDS
CASB: a better approach to cloud security
identity
discovery
data-centric security
mobile
STORYBOARDS
casb security:a data-centric approach
the new data reality requires a new security architecture
■ cross-device, cross-platform agentless data protection
■ granular DLP for data at rest and in motion
■ contextual access control
■ detailed logging for compliance and audit
STORYBOARDS
managed devices
application access access control data protection
unmanaged devices /
byod
in the cloud
Forward ProxyActiveSync Proxy
Device Profile: Pass● Email● Browser● OneDrive Sync
● Full Access
Reverse Proxy + AJAX VMActiveSync Proxy
● DLP/DRM/encryption ● Device controls
API Control External Sharing Blocked
● Block external shares● Alert on DLP events
Device Profile: Fail● Mobile Email● Browser● Contextual multi-factor auth
typical use case:real-time data protection on any device
STORYBOARDS
real-time enterprise saas data protection
■ real-time inline data protection■ leverage reverse proxy to control
access to any app on unmanaged devices
■ integrated DLP engine
STORYBOARDS
business data
giant
needs:■ secure Google Apps■ limit data access based on
device risk level■ control external sharing
key features: ■ inline data protection for
unmanaged devices/byod■ bidirectional DLP■ real-time sharing control
■ 20,000 employees
■ global
STORYBOARDS
UNC Charlotte
situation: ■ dropbox used campuswide by
faculty and staff for internal/external file sharing
needs: ■ cross platform data
protection■ secure mobile access
key features: ■ visibility■ contextual access control■ DLP / data controls
STORYBOARDS
achieve regulatory compliance
■ upload + download dlp and encryption
■ protect regulated cloud data on byod
■ control over external share & sync
■ leverage integrated identity management to ensure secure auth
STORYBOARDS
situation: ■ inadequate native O365
securityneeds:
■ secure email on mobile ■ control file sharing and
storagekey features:
■ real-time protection■ visibility / audit■ agentless BYOD■ integrated DLP
fortune 100
healthcare firm
■ 30,000 employees
■ global
STORYBOARDS
situation:■ require HIPAA compliance
with move to public cloudneeds:
■ respect user privacy■ support future O365
migration■ HIPAA compliance
key features: ■ DLP policies applied to PHI■ selective wipe, enforce
device PIN and encryption
US hospital
system ■ 2500+ employees■ 160 locations■ northeastern US
■ 7000 employees
■ southeastern US
STORYBOARDS
agentless byod security
■ secure devices without invasive profiles or certificates
■ protect “unwrappable” cloud and native apps
■ selectively wipe corporate data■ enforce device security policies■ full data control and visibility for IT
STORYBOARDS
fortune 500
beverage co.situation:
■ failed MobileIron and SAP Afaria deployments
needs:
■ increased adherence to BYOD security measures
■ fast + simple deployment
key features:
■ agentless, device / OS independent solution
STORYBOARDS
our mission
total data
protection
STORYBOARDS
our solutions
cloud mobile breach
17
STORYBOARDS
trusted at over 100
enterprises
healthcare
finance
pharmaceutical
manufacturing
media
higher ed
resources:more info about cloud security
■ bitglass report: cloud adoption by industry■ case study: UNC Charlotte secures dropbox■ case study: major ad agency secures o365
download the fortune 100 healthcare firm case study
learn how a large US-based healthcare firm used Bitglass to secure Office 365 for its 30,000 global employees
download the case study
STORYBOARDS
bitglass.com@bitglass