Transcription
Embracing the Cloud,SecurelyReducing Risk, Enabling Innovation& Case StudiesNigel Hawthorn, EMEA Spokespersonnigel hawthorn@mcafee.com 44 7801 487987 @wheresnigelMcAfee Confidentiality LanguageMcAfee Confidential
Agenda Data: The Most Valuable Asset Cloud Is Taking Over, What Do The Analysts Say? Who Is Responsible for Cloud Security? Introducing Cloud Access Security Brokers Integration with McAfee Portfolio Customer Examples One SaaS Example - PreziMcAfee Confidential2
Data is the most valuable asset for organizations across industriesis to this century“ Datawhat oil was to the lastone: a driver of growthand change.”McAfee Confidential3
McAfee Corporate Portfolio StrategyMcAfee Confidential4
Cloud Is Taking Over
The Average Enterprise Uses 1,427 Cloud Services80% Unknown to IT5% High RiskMcAfee Confidential6
Network security fails to protect all data in the cloud & mobile eraData created nativelyin cloud is invisible tonetwork securityMcAfee Confidential50% of cloud traffic iscloud-to-cloud andinvisible to networksecurityData uploaded tocloud from mobile isinvisible to networksecurity7
How Secure Is The Cloud?McAfee Confidential8
Security Controls Vary by ProviderMcAfee Confidential9
Security Controls Vary by ProviderMcAfee Confidential10
IaaS and PaaS Growing FastestMcAfee Confidential11
What are customers most concerned about? Security/regulatory requirements Collaborative nature of cloud Lack of Visibility, multiple clouds Increasing external/internal threats targeting cloud Well intentioned employee error Cloud providers’ access to sensitive dataMcAfee Confidential12
Who’s Responsibility Is Cloud Security?“Through 2020,99% of cloudsecurity failureswill be thecustomer’s fault”McAfee Confidential13
Cloud Shared Security Responsibility ModelMcAfee Confidential14
Cloud Customer NeedsMcAfee ConfidentialIdentify Identify sensitive data in SaaS and IaaS servicesUnderstand access to and sharing of sensitive dataExamine IaaS security configurations to eliminate vulnerabilitiesDiscover and govern shadow SaaS/IaaS usageDetects threats – compromised accounts, insider threats, malwareControl Build sharing and collaboration guardrailsDefine and enforce access policies based on device, geo, roleDelete high-risk files violating DLP policiesQuarantine mid-risk files violating DLP policiesAutonomously remediate low-risk files violating DLP policiesProtect Encrypt structured data with your own keys Implement IRM to protect data outside of the cloud15
Introducing Cloud Access Security Brokers
“Cloud access security brokers have become an essential element ofany cloud security strategy, helping organizations govern the use ofcloud and protect sensitive data in the cloud. Security and riskmanagement leaders should align CASB vendors to address specificuse-case requirements”"Security leaders should deploy CASB for the centralizedcontrol of multiple services that would otherwise requireindividual management.”20
The Skyhigh Security Cloudenables organizations toaccelerate their business bygiving them total controlover their data in the cloud
Analyst Reports: Skyhigh: Once, Twice, Three Times a LeaderMcAfee Confidential22
Network security fails to protect all data in the cloud & mobile eraData created nativelyin cloud is invisible tonetwork securityMcAfee Confidential50% of cloud traffic iscloud-to-cloud andinvisible to networksecurityData uploaded tocloud from mobile isinvisible to networksecurity23
Different approaches to protecting data in the cloud & mobile eraProxyCASBAPIAgentReal timeComplete coverageMcAfee ConfidentialData at restData uploadedData created in cloudStandard appsCertificate pinned apps3rd Party AccessReal timeComplete coverageData at restData uploadedData created in cloudStandard appsCertificate pinned apps24
Skyhigh – Proxy, API & McAfee IntegrationProxyAPIShadow ITSaaSIaaSOne platform withunified policesacross cloudservicesMcAfee ConfidentialCustom AppsReal timeComplete coverageData at restData uploadedData created in cloudStandard appsCertificate pinned appsNo new agentsNo friction25
Skyhigh cloud-native data security frameworkUnderstandinformation contentand contextIdentifyShadow ITSaaSControlProtectMcAfee ConfidentialIaaSCustom AppsTake real-time actiondeep in cloud servicesApply persistentprotection to data26
IdentifyGround LinkLightning LinkSky LinkShadow ITSaaSIaaSCustom AppsIdentify sensitive data in SaaS andIaaS servicesUnderstand access to and sharingof sensitive dataExamine IaaS securityconfigurations to eliminatevulnerabilitiesDiscover and govern shadowSaaS/IaaS usageDetects threats - compromisedaccounts, insider threats, malwareMcAfee Confidential27
ControlBuild sharing and collaborationguardrailsGround LinkLightning LinkSky LinkDefine and enforce access policiesbased on device & geoShadow ITSaaSIaaSCustom Apps!Delete high-risk files violating DLPpoliciesQuarantine mid-risk files violatingDLP policiesAutonomously remediate low-riskfiles violating DLP policiesMcAfee Confidential28
ProtectGround LinkLightning LinkSky LinkShadow ITSaaSIaaSEncrypt structured data with yourown keysCustom AppsImplement IRM to protect dataoutside of the cloudMcAfee Confidential29
Customer DemandsInnovation – IaaS Review, custom apps, UEBA, automation to simplify managementFrictionless Approach – no agents and no app breakage, one unified platformCloud Scale – processing billions events/day/customer requires cloud scalabilityFlexible Deployment Options – Integration with existing technology, Email GatewayControl All Traffic – Business partners, collaboration control, cloud-to-cloud trafficMcAfee Confidential30
Integration with McAfee Portfolio
Web Gateway& Hybrid WebgatewayThreat Feeds& IntelligenceG.T.I &3rd PartySIA Partners:EMMIDaaSFile TaggingAnd more Public CloudServer SecuritySuiteMcAfee DLPMcAfee ConfidentialEnterprise SecurityManager (SIEM)ePolicyOrchestratorEndpoint:AV, App Controletc.DataProtection:DLP,Encryption,Device Cont.,32
Customer Examples
Hard Data from the Cloud Adoption and Risk ReportAnonymized usage datafrom 600 companiesMcAfee Confidential30 millionusers78 countriesworldwidePrivate and Confidential20,000 cloudservices analyzed3434
18.1% of files in the Cloud contain Sensitive Data35McAfee Confidential35
Perform DLP for Data Uploaded to or Created in the Cloud Uniform policies across cloudservicesEnsure compliance withhealthcare regulatoryrequirements withinO365, Box, andSalesforce36McAfee Confidential Policies based on keywords, dataidentifiers, IDM, EDM Multi-tier remediation based onseverity36
Manage Personal Data to Conform to GDPR & Other Privacy RegulationsEuropean Financial Institution Uniform policies across cloudservicesEnsure compliance withGDPR & 50 countrybanking regulationswithin multiple cloudservices37 Policies based on fingerprinting,user behavioral analysis andmodern DLP Block link sharing to unapproveddomains37McAfee Confidential37
34.5% of Documents in Cloud are Shared Externally38McAfee Confidential38
Build Guardrails for Cloud Collaboration Eliminate sharing to personalemails or via open linksEnable collaborationwhile preventingunauthorized sharing inOffice 365 & Box39McAfee Confidential Create whitelist of valid businesspartner email domains Layer content into policies viaDLP engine39
The Average User Connects to Enterprise Cloud Services from 2.8 Devices2.8 Devices40McAfee Confidential40
Prevent Data Loss due to usage of Personal Devices Check for device certificate,confirm user/device mappingEnable BYOD whilepreventing data lossfrom Salesforce,ServiceNow, O365, Box,and Google via lost orstolen devices41McAfee Confidential Limit access based on device orlocation Block access or limit to view-only41
The Average Enterprise Experiences 17 Cloud Threats Per MonthOf organizations have atleast one insider threat permonthOf organizations have at leastone compromised account permonth429.3Insider threatanomaliesper month5.1Compromisedaccountsanomalies per month2.8Privileged userthreats anomaliesper monthMcAfee ConfidentialOf organizations have at leastone privileged user threat permonth42
Support Investigations by Tracking all Activity within Sanctioned Cloud Services Activities organized into 13categories for easy navigationCreated forensic livelog of O365 activity toquickly resolvedsecurity incidentinvestigations provideauditability43McAfee Confidential Drill down into specific user andgroups Activity data enriched withgeographic location43
Protect Against Threats to Cloud Data Analyze usage across multiplecloud servicesPrevented data lossfrom Salesforce, Box,and O365 due tocompromised accounts,insider threats andprivileged user threats44McAfee Confidential Leverage UEBA to identify threatswithout pre-defined policies orthresholds Adjust sensitivity with real-timepreview44
IaaS and Custom Apps Fastest Growing Segment of CloudIaaS38.4% CAGR464 CustomAppsSaaS20.3% CAGRSource: Gartner45McAfee Confidential45
Extend Protection from SaaS to Custom Apps and IaaSBlueCross BlueShield Leveraged AI to map customapplications Extended DLP from SaaS tocustom appsEliminated AWSsecurity vulnerabilitiesand wrapped customapps with DLP andactivity monitoring46McAfee Confidential Audited and remediated AWSsecurity configurations46
One SaaS Example – Risk or No Risk?
Read the EULAMcAfee Confidential48
Q&A
McAfee Confidential 15 Cloud Customer Needs Identify sensitive data in SaaS and IaaS services Understand access to and sharing of sensitive data Examine IaaS security configurations to eliminate vulnerabilities Discover and govern shadow SaaS/IaaS usage Detects threats -compromised accounts, insider threats, malware Identify Build sharing and collaboration guardrails