SlideShare ist ein Scribd-Unternehmen logo

Bitglass Webinar - A Primer on CASBs and Cloud Security

Als PPTX, PDF herunterladen
Bitglass
Bitglass

Intro to CASBs and the CASB market

Technologie
1 von 27
CASBs: A Primer on Securing Your Cloud Environment Webinar March 29
2 Today’s Speakers Mike Schuricht VP, Products Bitglass mike@bitglass.com Rik Turner Analyst Ovum rik.turner@ovum.com
Ovum | TMT intelligence | informa3 Copyright © Informa PLC Agenda 1. What is a Cloud Access Security Broker (CASB)? 2. What Drove the Development of CASB? 3. The Net Result 4. Enter CASB 5. Beyond Visibility – “CASB 2.0” 6. Technical Approaches 7. What Happens Next?
Ovum | TMT intelligence | informa4 Copyright © Informa PLC What is CASB?
Ovum | TMT intelligence | informa5 Copyright © Informa PLC What is CASB? SaaS application CLOUD ACCESS SECURITY BROKER
Ovum | TMT intelligence | informa6 Copyright © Informa PLC What Drove the Development of CASB?
Ovum | TMT intelligence | informa7 Copyright © Informa PLC What Drove the Development of CASB? 1. The Explosion in SaaS From the situation circa 2000…
Ovum | TMT intelligence | informa8 Copyright © Informa PLC What Drove the Development of CASB? …to today’s cornucopia
Ovum | TMT intelligence | informa9 Copyright © Informa PLC What Drove the Development of CASB? 2. The work-from- anywhere trend… making it even more difficult for IT to track and manage
Ovum | TMT intelligence | informa10 Copyright © Informa PLC Poll Question 1 • Poll Question 1 ○ Where are you in the adoption of cloud apps? ■ 1 ■ 2-5 ■ 5-10 ■ 10+
Ovum | TMT intelligence | informa11 Copyright © Informa PLC The Net Result
Ovum | TMT intelligence | informa12 Copyright © Informa PLC The Net Result Corporate IT lack visibility into what apps are in use by employees Security and compliance issues Urgent need to restore visibility and control to corporate IT
Ovum | TMT intelligence | informa13 Copyright © Informa PLC Enter CASB
Ovum | TMT intelligence | informa14 Copyright © Informa PLC Enter CASB The Restorer of Corporate IT’s Visibility into Application Use and Employee Activity
Ovum | TMT intelligence | informa15 Copyright © Informa PLC Enter CASB SaaS application CLOUD ACCESS SECURITY BROKER
Ovum | TMT intelligence | informa16 Copyright © Informa PLC Beyond Visibility – “CASB 2.0”
Ovum | TMT intelligence | informa17 Copyright © Informa PLC Beyond Visibility – “CASB 2.0” CONTROL ACTIONS • Read-only • No forwarding • No deletion • No printing • No downloading • No copying • Impose encryption
Ovum | TMT intelligence | informa18 Copyright © Informa PLC Technical Approaches
Ovum | TMT intelligence | informa19 Copyright © Informa PLC Technical Approaches Proxy- or API-based CASBs? vs
Ovum | TMT intelligence | informa20 Copyright © Informa PLC Poll Question 2 • Poll Question 2 ○ Where are you in your CASB journey? ■ Never heard about them before ■ Investigating vendors ■ Actively looking for the right vendor ■ Already purchased
Ovum | TMT intelligence | informa21 Copyright © Informa PLC What comes next?
Unmanaged DevicesManaged Devices Managed Apps: Zero-Day Control for Any App Major SaaS Long-tail SaaS Internal Apps → Threat Protection Data Protection VisibilityIdentity Zero-Day CoreTM ● Contextual access control ● DLP w/ adv. remediation ● Field and file encryption ● Known & Zero-day malware protection ● Account hijack protection ● Integrated Single Sign-On (SSO) ● Step-up multi-factor auth ● Session management ● UEBA ● Policy-based remediation Proxy + API Agentless ProxyAgent/Agentless Proxy 22
23 Unmanaged Apps: Zero-Day Shadow IT Protection Agent/DNS Discover Shadow IT and Risks Secure access to unmanaged apps ● Route traffic via agent or DNS setting on devices ● Automated Zero-Day identification of upload paths ○ Machine-learning tech inspects all upload traffic ○ Data-paths with natural language payloads identified ● Enforce DLP policy on data paths across all users ● No signatures required, works for all apps - Facebook, Linkedin, Dropbox... Zero-Day upload DLP
Over 900 physicians; leading Bay Area non-profit Challenges ■ Inadequate native O365 security ■ PHI leakage from unmanaged devices ■ First-Gen CASB and AirWatch failed to deploy Solution ■ Distinguish between managed and unmanaged devices ■ Limit PHI access from risky unmanaged assets ■ Real-time DLP prevents data leakage on download ■ Readily deployable to all mobile devices, managed and unmanaged
Over 20,000 students and 3,000 faculty members Challenges ■ Cloud deployment met with security concerns around intellectual property, research, and health data ■ Unmanaged device access controls ■ Compliance requirements including HIPAA and FERPA Solution ■ Granular DLP policies to identify and secure PHI ■ Regular scans for zero-day malware in the cloud ■ Distinguish between managed and unmanaged devices ■ Technical safeguards for HIPAA compliance at Feinberg School of Medicine
Agentless deployment, any device Real-time data protection, anywhere Zero-day security, any app or workload Only Bitglass 26 Global enterprise success via sustained innovation and scale
Ovum | TMT intelligence | informa27 Copyright © Informa PLC Thank you! rik.turner@ovum.com mike@bitglass.com

Empfohlen

Bitglass Webinar - Top 6 CASB Use Cases
Bitglass Webinar - Top 6 CASB Use CasesBitglass Webinar - Top 6 CASB Use Cases
Bitglass Webinar - Top 6 CASB Use Cases
Bitglass
 
Bitglass Webinar - 5 Cloud Security Best Practices for 2018
Bitglass Webinar - 5 Cloud Security Best Practices for 2018Bitglass Webinar - 5 Cloud Security Best Practices for 2018
Bitglass Webinar - 5 Cloud Security Best Practices for 2018
Bitglass
 
Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...
Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...
Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...
Bitglass
 
Webinar bitglass - complete deck-2
Webinar bitglass - complete deck-2Webinar bitglass - complete deck-2
Webinar bitglass - complete deck-2
Bitglass
 
Mitigating the Top 5 Cloud Security Threats
Mitigating the Top 5 Cloud Security ThreatsMitigating the Top 5 Cloud Security Threats
Mitigating the Top 5 Cloud Security Threats
Bitglass
 
Security O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat ProtectionSecurity O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat Protection
Bitglass
 
Webinar - Bitglass and CyberEdge - Hidden Security Threats
Webinar - Bitglass and CyberEdge - Hidden Security ThreatsWebinar - Bitglass and CyberEdge - Hidden Security Threats
Webinar - Bitglass and CyberEdge - Hidden Security Threats
Bitglass
 
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)
Bitglass
 

Empfohlen

Bitglass Webinar - Top 6 CASB Use Cases
Bitglass Webinar - Top 6 CASB Use CasesBitglass Webinar - Top 6 CASB Use Cases
Bitglass Webinar - Top 6 CASB Use Cases
Bitglass
 
Bitglass Webinar - 5 Cloud Security Best Practices for 2018
Bitglass Webinar - 5 Cloud Security Best Practices for 2018Bitglass Webinar - 5 Cloud Security Best Practices for 2018
Bitglass Webinar - 5 Cloud Security Best Practices for 2018
Bitglass
 
Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...
Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...
Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...
Bitglass
 
Webinar bitglass - complete deck-2
Webinar bitglass - complete deck-2Webinar bitglass - complete deck-2
Webinar bitglass - complete deck-2
Bitglass
 
Mitigating the Top 5 Cloud Security Threats
Mitigating the Top 5 Cloud Security ThreatsMitigating the Top 5 Cloud Security Threats
Mitigating the Top 5 Cloud Security Threats
Bitglass
 
Security O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat ProtectionSecurity O365 Using AI-based Advanced Threat Protection
Security O365 Using AI-based Advanced Threat Protection
Bitglass
 
Webinar - Bitglass and CyberEdge - Hidden Security Threats
Webinar - Bitglass and CyberEdge - Hidden Security ThreatsWebinar - Bitglass and CyberEdge - Hidden Security Threats
Webinar - Bitglass and CyberEdge - Hidden Security Threats
Bitglass
 
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)
Beyond the Firewall: Securing the cloud with a CASB (in partnership with CSA)
Bitglass
 
securing the cloud for financial services
securing the cloud for financial servicessecuring the cloud for financial services
securing the cloud for financial services
Bitglass
 
5 Security Questions To Ask When Deploying O365
5 Security Questions To Ask When Deploying O3655 Security Questions To Ask When Deploying O365
5 Security Questions To Ask When Deploying O365
Bitglass
 
CASBs and Office 365: The Security Menace
CASBs and Office 365: The Security MenaceCASBs and Office 365: The Security Menace
CASBs and Office 365: The Security Menace
Bitglass
 
The Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the CurveThe Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the Curve
AlgoSec
 
CASB Cases: How Your Peers are Securing the Cloud
CASB Cases: How Your Peers are Securing the CloudCASB Cases: How Your Peers are Securing the Cloud
CASB Cases: How Your Peers are Securing the Cloud
Bitglass
 
Closing the Cloud Security Gap with a CASB (in partnership with Forrester)
Closing the Cloud Security Gap with a CASB (in partnership with Forrester)Closing the Cloud Security Gap with a CASB (in partnership with Forrester)
Closing the Cloud Security Gap with a CASB (in partnership with Forrester)
Bitglass
 
The Future of CASBs - A Cloud Security Force Awakens
The Future of CASBs - A Cloud Security Force AwakensThe Future of CASBs - A Cloud Security Force Awakens
The Future of CASBs - A Cloud Security Force Awakens
Bitglass
 
CASBs - A New Hope
CASBs - A New HopeCASBs - A New Hope
CASBs - A New Hope
Bitglass
 
Managing risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business contextManaging risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business context
AlgoSec
 
Office 365 Security: How to Safeguard Your Data
Office 365 Security: How to Safeguard Your DataOffice 365 Security: How to Safeguard Your Data
Office 365 Security: How to Safeguard Your Data
Bitglass
 
Protecting Your Data In Office 365
Protecting Your Data In Office 365Protecting Your Data In Office 365
Protecting Your Data In Office 365
Elastica Inc.
 
Webinar Express: What is a CASB?
Webinar Express: What is a CASB?Webinar Express: What is a CASB?
Webinar Express: What is a CASB?
Bitglass
 
Reasoning About Enterprise Application Security in a Cloudy World
Reasoning About Enterprise Application Security in a Cloudy WorldReasoning About Enterprise Application Security in a Cloudy World
Reasoning About Enterprise Application Security in a Cloudy World
Elastica Inc.
 
Ciso Platform Webcast: Shadow Data Exposed
Ciso Platform Webcast: Shadow Data ExposedCiso Platform Webcast: Shadow Data Exposed
Ciso Platform Webcast: Shadow Data Exposed
Elastica Inc.
 
Office365 security in depth
Office365 security in depthOffice365 security in depth
Office365 security in depth
Alberto Pascual
 
Shadow Data Exposed
Shadow Data ExposedShadow Data Exposed
Shadow Data Exposed
Elastica Inc.
 
How to Extend Security and Compliance Within Box
How to Extend Security and Compliance Within BoxHow to Extend Security and Compliance Within Box
How to Extend Security and Compliance Within Box
Elastica Inc.
 
Jason Kent - AppSec Without Additional Tools
Jason Kent - AppSec Without Additional ToolsJason Kent - AppSec Without Additional Tools
Jason Kent - AppSec Without Additional Tools
centralohioissa
 
Top 5 Information Security Lessons Learned from Transitioning to the Cloud
Top 5 Information Security Lessons Learned from Transitioning to the CloudTop 5 Information Security Lessons Learned from Transitioning to the Cloud
Top 5 Information Security Lessons Learned from Transitioning to the Cloud
Forcepoint LLC
 
Mark Lomas | Zero-Trust Trust No One, Trust Nothing
Mark Lomas | Zero-Trust Trust No One, Trust NothingMark Lomas | Zero-Trust Trust No One, Trust Nothing
Mark Lomas | Zero-Trust Trust No One, Trust Nothing
Pro Mrkt
 
CASB: Securing your cloud applications
CASB: Securing your cloud applicationsCASB: Securing your cloud applications
CASB: Securing your cloud applications
Forcepoint LLC
 
CASBs: 8 Critical Capabilities in partnership with ISMG Media Group
CASBs: 8 Critical Capabilities in partnership with ISMG Media GroupCASBs: 8 Critical Capabilities in partnership with ISMG Media Group
CASBs: 8 Critical Capabilities in partnership with ISMG Media Group
Bitglass
 

Weitere ähnliche Inhalte

Was ist angesagt?

CASBs and Office 365: The Security Menace
CASBs and Office 365: The Security MenaceCASBs and Office 365: The Security Menace
CASBs and Office 365: The Security Menace
Bitglass
 
The Future of CASBs - A Cloud Security Force Awakens
The Future of CASBs - A Cloud Security Force AwakensThe Future of CASBs - A Cloud Security Force Awakens
The Future of CASBs - A Cloud Security Force Awakens
Bitglass
 
Managing risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business contextManaging risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business context
AlgoSec
 
Protecting Your Data In Office 365
Protecting Your Data In Office 365Protecting Your Data In Office 365
Protecting Your Data In Office 365
Elastica Inc.
 
Ciso Platform Webcast: Shadow Data Exposed
Ciso Platform Webcast: Shadow Data ExposedCiso Platform Webcast: Shadow Data Exposed
Ciso Platform Webcast: Shadow Data Exposed
Elastica Inc.
 
Shadow Data Exposed
Shadow Data ExposedShadow Data Exposed
Shadow Data Exposed
Elastica Inc.
 

Was ist angesagt? (20)

securing the cloud for financial services
securing the cloud for financial servicessecuring the cloud for financial services
securing the cloud for financial services
 
5 Security Questions To Ask When Deploying O365
5 Security Questions To Ask When Deploying O3655 Security Questions To Ask When Deploying O365
5 Security Questions To Ask When Deploying O365
 
CASBs and Office 365: The Security Menace
CASBs and Office 365: The Security MenaceCASBs and Office 365: The Security Menace
CASBs and Office 365: The Security Menace
 
The Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the CurveThe Security Policy Management Maturity Model: How to Move Up the Curve
The Security Policy Management Maturity Model: How to Move Up the Curve
 
CASB Cases: How Your Peers are Securing the Cloud
CASB Cases: How Your Peers are Securing the CloudCASB Cases: How Your Peers are Securing the Cloud
CASB Cases: How Your Peers are Securing the Cloud
 
Closing the Cloud Security Gap with a CASB (in partnership with Forrester)
Closing the Cloud Security Gap with a CASB (in partnership with Forrester)Closing the Cloud Security Gap with a CASB (in partnership with Forrester)
Closing the Cloud Security Gap with a CASB (in partnership with Forrester)
 
The Future of CASBs - A Cloud Security Force Awakens
The Future of CASBs - A Cloud Security Force AwakensThe Future of CASBs - A Cloud Security Force Awakens
The Future of CASBs - A Cloud Security Force Awakens
 
CASBs - A New Hope
CASBs - A New HopeCASBs - A New Hope
CASBs - A New Hope
 
Managing risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business contextManaging risk and vulnerabilities in a business context
Managing risk and vulnerabilities in a business context
 
Office 365 Security: How to Safeguard Your Data
Office 365 Security: How to Safeguard Your DataOffice 365 Security: How to Safeguard Your Data
Office 365 Security: How to Safeguard Your Data
 
Protecting Your Data In Office 365
Protecting Your Data In Office 365Protecting Your Data In Office 365
Protecting Your Data In Office 365
 
Webinar Express: What is a CASB?
Webinar Express: What is a CASB?Webinar Express: What is a CASB?
Webinar Express: What is a CASB?
 
Reasoning About Enterprise Application Security in a Cloudy World
Reasoning About Enterprise Application Security in a Cloudy WorldReasoning About Enterprise Application Security in a Cloudy World
Reasoning About Enterprise Application Security in a Cloudy World
 
Ciso Platform Webcast: Shadow Data Exposed
Ciso Platform Webcast: Shadow Data ExposedCiso Platform Webcast: Shadow Data Exposed
Ciso Platform Webcast: Shadow Data Exposed
 
Office365 security in depth
Office365 security in depthOffice365 security in depth
Office365 security in depth
 
Shadow Data Exposed
Shadow Data ExposedShadow Data Exposed
Shadow Data Exposed
 
How to Extend Security and Compliance Within Box
How to Extend Security and Compliance Within BoxHow to Extend Security and Compliance Within Box
How to Extend Security and Compliance Within Box
 
Jason Kent - AppSec Without Additional Tools
Jason Kent - AppSec Without Additional ToolsJason Kent - AppSec Without Additional Tools
Jason Kent - AppSec Without Additional Tools
 
Top 5 Information Security Lessons Learned from Transitioning to the Cloud
Top 5 Information Security Lessons Learned from Transitioning to the CloudTop 5 Information Security Lessons Learned from Transitioning to the Cloud
Top 5 Information Security Lessons Learned from Transitioning to the Cloud
 
Mark Lomas | Zero-Trust Trust No One, Trust Nothing
Mark Lomas | Zero-Trust Trust No One, Trust NothingMark Lomas | Zero-Trust Trust No One, Trust Nothing
Mark Lomas | Zero-Trust Trust No One, Trust Nothing
 

Ähnlich wie Bitglass Webinar - A Primer on CASBs and Cloud Security

Innovation at Meraki
Innovation at MerakiInnovation at Meraki
Innovation at Meraki
Cisco Canada
 
Office 365 in Focus. Security and Governance Strategies from the Experts - We...
Office 365 in Focus. Security and Governance Strategies from the Experts - We...Office 365 in Focus. Security and Governance Strategies from the Experts - We...
Office 365 in Focus. Security and Governance Strategies from the Experts - We...
Netskope
 
Webinar: Real IT Compliance with SolarWinds
Webinar: Real IT Compliance with SolarWindsWebinar: Real IT Compliance with SolarWinds
Webinar: Real IT Compliance with SolarWinds
SolarWinds
 
Microsoft Power Platform Governance with Runpipe
Microsoft Power Platform Governance with RunpipeMicrosoft Power Platform Governance with Runpipe
Microsoft Power Platform Governance with Runpipe
Runpipe
 

Ähnlich wie Bitglass Webinar - A Primer on CASBs and Cloud Security (20)

CASB: Securing your cloud applications
CASB: Securing your cloud applicationsCASB: Securing your cloud applications
CASB: Securing your cloud applications
 
CASBs: 8 Critical Capabilities in partnership with ISMG Media Group
CASBs: 8 Critical Capabilities in partnership with ISMG Media GroupCASBs: 8 Critical Capabilities in partnership with ISMG Media Group
CASBs: 8 Critical Capabilities in partnership with ISMG Media Group
 
06 - VMUGIT - Lecce 2018 - Rodolfo Rotondo, VMware
06 - VMUGIT - Lecce 2018 - Rodolfo Rotondo, VMware06 - VMUGIT - Lecce 2018 - Rodolfo Rotondo, VMware
06 - VMUGIT - Lecce 2018 - Rodolfo Rotondo, VMware
 
Proteja sus datos en cualquier servicio Cloud y Web de forma unificada
Proteja sus datos en cualquier servicio Cloud y Web de forma unificadaProteja sus datos en cualquier servicio Cloud y Web de forma unificada
Proteja sus datos en cualquier servicio Cloud y Web de forma unificada
 
The evolution of IT in a cloud world
The evolution of IT in a cloud worldThe evolution of IT in a cloud world
The evolution of IT in a cloud world
 
Why Network and Endpoint Security Isn’t Enough
Why Network and Endpoint Security Isn’t EnoughWhy Network and Endpoint Security Isn’t Enough
Why Network and Endpoint Security Isn’t Enough
 
Securing Your Digital Transformation: Cybersecurity and You
Securing Your Digital Transformation: Cybersecurity and YouSecuring Your Digital Transformation: Cybersecurity and You
Securing Your Digital Transformation: Cybersecurity and You
 
Cloudy with a Chance of...Visibility, Accountability & Security
Cloudy with a Chance of...Visibility, Accountability & SecurityCloudy with a Chance of...Visibility, Accountability & Security
Cloudy with a Chance of...Visibility, Accountability & Security
 
8 questions to ask when evaluating a Cloud Access Security Broker
8 questions to ask when evaluating a Cloud Access Security Broker8 questions to ask when evaluating a Cloud Access Security Broker
8 questions to ask when evaluating a Cloud Access Security Broker
 
Forcepoint - Analýza chování uživatelů
Forcepoint - Analýza chování uživatelůForcepoint - Analýza chování uživatelů
Forcepoint - Analýza chování uživatelů
 
Scalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver PresentationScalar Security Roadshow - Vancouver Presentation
Scalar Security Roadshow - Vancouver Presentation
 
Choosing a SCADA System for the IIoT Era
Choosing a SCADA System for the IIoT Era Choosing a SCADA System for the IIoT Era
Choosing a SCADA System for the IIoT Era
 
Scalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary PresentationScalar Security Roadshow - Calgary Presentation
Scalar Security Roadshow - Calgary Presentation
 
Innovation at Meraki
Innovation at MerakiInnovation at Meraki
Innovation at Meraki
 
Security and Accountability in the Cloud (in partnership with SANS)
Security and Accountability in the Cloud (in partnership with SANS)Security and Accountability in the Cloud (in partnership with SANS)
Security and Accountability in the Cloud (in partnership with SANS)
 
Office 365 in Focus. Security and Governance Strategies from the Experts - We...
Office 365 in Focus. Security and Governance Strategies from the Experts - We...Office 365 in Focus. Security and Governance Strategies from the Experts - We...
Office 365 in Focus. Security and Governance Strategies from the Experts - We...
 
What CISOs should know about SAP security
What CISOs should know about SAP securityWhat CISOs should know about SAP security
What CISOs should know about SAP security
 
Webinar: Real IT Compliance with SolarWinds
Webinar: Real IT Compliance with SolarWindsWebinar: Real IT Compliance with SolarWinds
Webinar: Real IT Compliance with SolarWinds
 
Three Secrets to Becoming a Mobile Security Superhero
Three Secrets to Becoming a Mobile Security SuperheroThree Secrets to Becoming a Mobile Security Superhero
Three Secrets to Becoming a Mobile Security Superhero
 
Microsoft Power Platform Governance with Runpipe
Microsoft Power Platform Governance with RunpipeMicrosoft Power Platform Governance with Runpipe
Microsoft Power Platform Governance with Runpipe
 

Mehr von Bitglass

Webinar: are casbs ready for primetime?
Webinar: are casbs ready for primetime?Webinar: are casbs ready for primetime?
Webinar: are casbs ready for primetime?
Bitglass
 
Data-Centric Protection: The Future of BYOD Security
Data-Centric Protection: The Future of BYOD SecurityData-Centric Protection: The Future of BYOD Security
Data-Centric Protection: The Future of BYOD Security
Bitglass
 

Mehr von Bitglass (13)

Webinar - Mobile Security Trends
Webinar - Mobile Security TrendsWebinar - Mobile Security Trends
Webinar - Mobile Security Trends
 
Empowering the Cloud Through G Suite
Empowering the Cloud Through G SuiteEmpowering the Cloud Through G Suite
Empowering the Cloud Through G Suite
 
Securing IaaS Applications
Securing IaaS ApplicationsSecuring IaaS Applications
Securing IaaS Applications
 
6 essentials for secure BYOD in healthcare
6 essentials for secure BYOD in healthcare6 essentials for secure BYOD in healthcare
6 essentials for secure BYOD in healthcare
 
Webinar: are casbs ready for primetime?
Webinar: are casbs ready for primetime?Webinar: are casbs ready for primetime?
Webinar: are casbs ready for primetime?
 
The Four Horsemen of the O365 Apocalypse
The Four Horsemen of the O365 ApocalypseThe Four Horsemen of the O365 Apocalypse
The Four Horsemen of the O365 Apocalypse
 
CASBs and Office 365 (with Argyle)
CASBs and Office 365 (with Argyle)CASBs and Office 365 (with Argyle)
CASBs and Office 365 (with Argyle)
 
Bridging the Office 365 Security Gap - Redmond Media
Bridging the Office 365 Security Gap - Redmond MediaBridging the Office 365 Security Gap - Redmond Media
Bridging the Office 365 Security Gap - Redmond Media
 
Webinar Express: Securing BYOD without MDM
Webinar Express: Securing BYOD without MDMWebinar Express: Securing BYOD without MDM
Webinar Express: Securing BYOD without MDM
 
Top 5 Cloud Security Threats in Healthcare
Top 5 Cloud Security Threats in HealthcareTop 5 Cloud Security Threats in Healthcare
Top 5 Cloud Security Threats in Healthcare
 
CSA Research: Mitigating Cloud Threats
CSA Research: Mitigating Cloud ThreatsCSA Research: Mitigating Cloud Threats
CSA Research: Mitigating Cloud Threats
 
The Security Gap: Protecting Healthcare Data in Office 365
The Security Gap: Protecting Healthcare Data in Office 365The Security Gap: Protecting Healthcare Data in Office 365
The Security Gap: Protecting Healthcare Data in Office 365
 
Data-Centric Protection: The Future of BYOD Security
Data-Centric Protection: The Future of BYOD SecurityData-Centric Protection: The Future of BYOD Security
Data-Centric Protection: The Future of BYOD Security
 

Kürzlich hochgeladen

+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
panagenda
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 

Kürzlich hochgeladen (20)

Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
Apidays Singapore 2024 - Scalable LLM APIs for AI and Generative AI Applicati...
 
A Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source MilvusA Beginners Guide to Building a RAG App Using Open Source Milvus
A Beginners Guide to Building a RAG App Using Open Source Milvus
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 

Bitglass Webinar - A Primer on CASBs and Cloud Security

  • 1. CASBs: A Primer on Securing Your Cloud Environment Webinar March 29
  • 2. 2 Today’s Speakers Mike Schuricht VP, Products Bitglass mike@bitglass.com Rik Turner Analyst Ovum rik.turner@ovum.com
  • 3. Ovum | TMT intelligence | informa3 Copyright © Informa PLC Agenda 1. What is a Cloud Access Security Broker (CASB)? 2. What Drove the Development of CASB? 3. The Net Result 4. Enter CASB 5. Beyond Visibility – “CASB 2.0” 6. Technical Approaches 7. What Happens Next?
  • 4. Ovum | TMT intelligence | informa4 Copyright © Informa PLC What is CASB?
  • 5. Ovum | TMT intelligence | informa5 Copyright © Informa PLC What is CASB? SaaS application CLOUD ACCESS SECURITY BROKER
  • 6. Ovum | TMT intelligence | informa6 Copyright © Informa PLC What Drove the Development of CASB?
  • 7. Ovum | TMT intelligence | informa7 Copyright © Informa PLC What Drove the Development of CASB? 1. The Explosion in SaaS From the situation circa 2000…
  • 8. Ovum | TMT intelligence | informa8 Copyright © Informa PLC What Drove the Development of CASB? …to today’s cornucopia
  • 9. Ovum | TMT intelligence | informa9 Copyright © Informa PLC What Drove the Development of CASB? 2. The work-from- anywhere trend… making it even more difficult for IT to track and manage
  • 10. Ovum | TMT intelligence | informa10 Copyright © Informa PLC Poll Question 1 • Poll Question 1 ○ Where are you in the adoption of cloud apps? ■ 1 ■ 2-5 ■ 5-10 ■ 10+
  • 11. Ovum | TMT intelligence | informa11 Copyright © Informa PLC The Net Result
  • 12. Ovum | TMT intelligence | informa12 Copyright © Informa PLC The Net Result Corporate IT lack visibility into what apps are in use by employees Security and compliance issues Urgent need to restore visibility and control to corporate IT
  • 13. Ovum | TMT intelligence | informa13 Copyright © Informa PLC Enter CASB
  • 14. Ovum | TMT intelligence | informa14 Copyright © Informa PLC Enter CASB The Restorer of Corporate IT’s Visibility into Application Use and Employee Activity
  • 15. Ovum | TMT intelligence | informa15 Copyright © Informa PLC Enter CASB SaaS application CLOUD ACCESS SECURITY BROKER
  • 16. Ovum | TMT intelligence | informa16 Copyright © Informa PLC Beyond Visibility – “CASB 2.0”
  • 17. Ovum | TMT intelligence | informa17 Copyright © Informa PLC Beyond Visibility – “CASB 2.0” CONTROL ACTIONS • Read-only • No forwarding • No deletion • No printing • No downloading • No copying • Impose encryption
  • 18. Ovum | TMT intelligence | informa18 Copyright © Informa PLC Technical Approaches
  • 19. Ovum | TMT intelligence | informa19 Copyright © Informa PLC Technical Approaches Proxy- or API-based CASBs? vs
  • 20. Ovum | TMT intelligence | informa20 Copyright © Informa PLC Poll Question 2 • Poll Question 2 ○ Where are you in your CASB journey? ■ Never heard about them before ■ Investigating vendors ■ Actively looking for the right vendor ■ Already purchased
  • 21. Ovum | TMT intelligence | informa21 Copyright © Informa PLC What comes next?
  • 22. Unmanaged DevicesManaged Devices Managed Apps: Zero-Day Control for Any App Major SaaS Long-tail SaaS Internal Apps → Threat Protection Data Protection VisibilityIdentity Zero-Day CoreTM ● Contextual access control ● DLP w/ adv. remediation ● Field and file encryption ● Known & Zero-day malware protection ● Account hijack protection ● Integrated Single Sign-On (SSO) ● Step-up multi-factor auth ● Session management ● UEBA ● Policy-based remediation Proxy + API Agentless ProxyAgent/Agentless Proxy 22
  • 23. 23 Unmanaged Apps: Zero-Day Shadow IT Protection Agent/DNS Discover Shadow IT and Risks Secure access to unmanaged apps ● Route traffic via agent or DNS setting on devices ● Automated Zero-Day identification of upload paths ○ Machine-learning tech inspects all upload traffic ○ Data-paths with natural language payloads identified ● Enforce DLP policy on data paths across all users ● No signatures required, works for all apps - Facebook, Linkedin, Dropbox... Zero-Day upload DLP
  • 24. Over 900 physicians; leading Bay Area non-profit Challenges ■ Inadequate native O365 security ■ PHI leakage from unmanaged devices ■ First-Gen CASB and AirWatch failed to deploy Solution ■ Distinguish between managed and unmanaged devices ■ Limit PHI access from risky unmanaged assets ■ Real-time DLP prevents data leakage on download ■ Readily deployable to all mobile devices, managed and unmanaged
  • 25. Over 20,000 students and 3,000 faculty members Challenges ■ Cloud deployment met with security concerns around intellectual property, research, and health data ■ Unmanaged device access controls ■ Compliance requirements including HIPAA and FERPA Solution ■ Granular DLP policies to identify and secure PHI ■ Regular scans for zero-day malware in the cloud ■ Distinguish between managed and unmanaged devices ■ Technical safeguards for HIPAA compliance at Feinberg School of Medicine
  • 26. Agentless deployment, any device Real-time data protection, anywhere Zero-day security, any app or workload Only Bitglass 26 Global enterprise success via sustained innovation and scale
  • 27. Ovum | TMT intelligence | informa27 Copyright © Informa PLC Thank you! rik.turner@ovum.com mike@bitglass.com