webinarfeb 16

2016

safeguardingcloud + mobile

healthcare data

agenda:■ breach trends■ anatomy of a

breach■ security

challenges■ the casb approach

to security■ case studies

poll:what do you see as the biggest

threats to healthcare data?

healthcare breaches have skyrocketed:up 900% year over year

individuals affected

breach type

2014 2015

large-scale breaches rampant in 2015:top 6 breaches accounted for 96.6% of breached records

■ anthem alone accounted for 78.8m lost records

■ 11m records lost in premera breach

■ in 2014, largest breach affected 1m

the anatomy of a breach:premera blue cross / anthem blue cross

HR 1. May 2014 - spoofed sites, prennera.com, we11point.com

3. Employee login with corporate credentials

2. Spear phishing emails

4. Corporate creds

5. Log into Premera, Anthem

5. Query + steal 11M identities

Jan/Feb 2015 IT discovers breach

8%of healthcare orgs

had cloud apps deployed in 2014

37%of healthcare orgs

had cloud apps deployed in 2015

cloud adoption is rising fast

5.2%

of healthcare orgs use single

sign-on

Bitglass Cloud Adoption Report

57%of employees

refuse MDM/MAM for BYOD

38%of IT professionals don’t participate in their own BYOD

programs

employees are

resisting “big

brother”

Bitglass BYOD Security Survey 2015

poll:what capability

do you most need in a security

solution?

traditional security

approaches are

inadequate

CASB: a better approach to cloud security

identity

discovery

data-centric security

mobile

casb discovery:gain visibility into your org’s cloud usage

■ analyze outbound data flows to learn what SaaS apps your organization is using

■ understand risk profiles of different apps

■ essential in process of enabling secure cloud app usage

casb security:a data-centric approach

the new data reality requires a new security architecture

■ cross-device, cross-platform agentless data protection

■ granular DLP for data at rest and in motion

■ contextual access control

■ detailed logging for compliance and audit

agentless byod security:achieve compliance and drive adoption

■ secure devices without invasive profiles or certificates

■ solve the multiple affiliations problem■ device and OS independent■ selectively wipe corporate data■ enforce device security policies■ full data control and visibility for IT

casb identity:centralized identity management is key in securing data

■ cloud app identity management should maintain the best practices of on-prem identity

■ SSO enables cross-app visibility into suspicious access activity

■ contextual multi-factor authentication mitigates risk

needs: ■ ensure security of PHI in

Google Apps and on BYOD■ maintain HIPAA

compliance

key features: ■ DLP■ visibility / audit■ identity management ■ mobile data protection

bay covehuman

services ■ 2500+ employees■ 160 locations■ northeastern US

situation:■ existing solution, AT&T

Toggle, obsoleteneeds:

■ respect user privacy■ support future O365

migration■ HIPAA compliance

key features: ■ DLP policies applied to PHI■ selective wipe, enforce

device PIN and encryption

US hospital

system ■ 2500+ employees■ 160 locations■ northeastern US

■ 7000 employees

■ southeastern US

resources:more info about byod

■ healthcare breach report

■ bay cove human services: case study

■ ESG Lab product review

download the full healthcare breach report

in 2015 one in three Americans were victims of healthcare data breaches due to hacking

download the report

bitglass.com@bitglass