cloud access security brokers - what's all the hype
TRANSCRIPT
Netskope © 2015, Op0v Security Inc. © 2015
CASB: What’s with all the hype?
Jervis Hui Senior Product Marketing Manager, Netskope [email protected]
Netskope © 2015, Op0v Security Inc. © 2015
“By 2017, organizations that have made a strategic decision to invest in cloud applications for mission-critical
workloads will consider CASBs to be an essential security control.”
© 2016 Netskope. All Rights Reserved. 2
© 2016 Netskope. All Rights Reserved.
What is a Cloud Access Security Broker?
3
• Defined by Gartner in 2012; • Cloud-based or on-premises; • Sits between user and cloud app; • Visibility and control of cloud apps as
they are accessed; • Example policies: Authorization,
encryption, tokenization, logging, alerting, authentication
© 2016 Netskope. All Rights Reserved.
Gartner’s Four Pillars of CASB
4
VISIBILITY
DATA SECURITY
COMPLIANCE
THREAT PROTECTION
© 2016 Netskope. All Rights Reserved.
977 Apps Per Enterprise – It’s Easy to Buy and Use Them!
7
5%
75%
20%
Mos
tly U
nsan
ctio
ned
San
ctio
ned
IT-led
Business-led
User-led
Data Breaches
Failed Audits = Fines, Penalties
Loss or Theft of IP or Sensitive Data
Loss of Reputation, Business Disruption
© 2016 Netskope. All Rights Reserved. 9
12
• Find all cloud apps and report on enterprise-readiness of each cloud app using 45+ criteria
• Find sensitive data in sanctioned cloud apps and report on what is being shared publicly or outside your company
• Deployment options include logs, TAP mode, or inline for app discovery and Introspection / API for data discovery
CASB Requirements
Use Case #2 Find data exfiltration
activities across cloud apps and
remediate
Source: AT&T Cybersecurity Insights
14
• Visibility into activities across sanctioned and unsanctioned apps
• Correlation of events and anomaly detection
• Remediate with granular policy enforcement and DLP for unsanctioned cloud apps
CASB Requirements
16
• See detail about activities across all cloud apps
• Support for category-level policies such as ‘social media’
• DLP engine that can identify specific text strings tied to activities in unsanctioned apps
• Ability to apply context to your policies
CASB Requirements
18
• Ability to classify managed vs. unmanaged devices
• Ability to set policies based on device classification
• Support for granular policies based on device classification
CASB Requirements
20
• Ability to scan sanctioned cloud apps for various malware types and quarantine the files
• Ability to inspect cloud app traffic in real-time for malware and quarantine before it reaches target
• Ability to replace the eradicated malware with a tombstone file, letting the user know of the action taken
CASB Requirements
4: Provide granular access control for managed vs. unmanaged devices
3: Allow, don’t block cloud apps like social media
2: Find data exfiltration activities across cloud apps and remediate
5: Find malware, remediate, and reverse attack fan-out
1: Discover cloud apps, find sensitive data, and assess risk