Cloud Security for Dummies Webinar — The Identity Edition

Meet the Presenters

Ravi IthalChief Architect,

Netskope

Krishna NarayanaswamyChief Scientist,

Netskope

Patrick HardingChief Technology Officer,

Ping Identity

What We’ll Discuss

• Short commercial break: Introducing Ping and Netskope

• Cloud Security for Dummies – the 10 “must haves”

• Three “must have” examples

• Secure access to apps

• Audit activities and data

• Enforce granular policies

• What makes a great cloud security policy?

• Q&A

Confidential — do not distributeCopyright © 2015 Ping Identity Corp. All rights reserved.

4

ENABLING ENTERPRISE ACCESS,

SECURELY AND SEAMLESSLY

MARKET LEADERSHIP

Over 50% of the Fortune 100

4 of the 6 largest US banks

8 of the 10 largest biopharmas

3 of the 5 largest healthcare plans

SI, TECH AND SAAS PARTNERS

1,500 GLOBAL ENTERPRISES GLOBAL CUSTOMER SUCCESS

98%customer

satisfaction

96%customerretention

Denver, San Francisco, Boston,

Vancouver, London, Tel Aviv, Tokyo,

SingaporeSTANDARDS BODY PARTICIPATION

GLOBAL LEADERS UNDERSTAND

TRADITIONAL SECURITY IS

INEFFECTIVE

“…a new approach to enterprise

security…flipping common corporate

security practice on its head…accessed

from anywhere with the right device and

user credentials.”

“…The old notion of a network

perimeter that can be defended by

firewalls that are often hardware-

based and security appliances is long

out of date…”

‣ Strong technology integration and services

partnerships

© 2015 Netskope. All Rights Reserved.

6

‣ Discover cloud apps and assess risk

‣ Govern all apps and data

‣ Safely enable sanctioned cloud apps

‣ $131.4M from top Silicon Valley VCs

‣ Early investors in Atlassian, Box, Cloudera,

Nimble Storage, Yammer

What we do

Partners Investors

‣ 200+ employees globally, including North

America, throughout Europe, and Asia-Pacific

‣ Early architects/executives from Palo Alto

Networks, NetScreen, Cisco, McAfee, VMware

‣ 40+ patent claims across four categories

Team

© 2015 Netskope. All Rights Reserved.

Organizations of all types need cloud security

7

High Tech Financial Healthcare

Oil & Gas/Utility Retail/Hospitality Manufacturing/Other

FROM MID-SIZE… TO LARGE… …TO GLOBAL

© 2015 Netskope. All Rights Reserved.

v

8

IT estimate:

40-50

App Redundancy:

‣ 64 Marketing

‣ 47 Collaboration

‣ 40 HR

‣ 40 Finance

‣ 37 Productivity

‣ 34 Cloud Storage

Actual:

715

Traditional Perimeter Based Security

Confidential — do not distributeCopyright © 2014 Ping Identity Corp. All rights reserved.

10

Users Apps

IaaS

SaaS

Employees/BYOD

Customers/Partners

The perimeter approach works

great when all your assets are

inside of it.

But now they aren’t.

Now what?

Identity Defined Security

12

Data breaches continue

to wreak havoc in 2015

786,098,214 records exposed

18% of files in cloud apps

constitute a policy violation.

22% of those files are shared publicly

Use of cloud can increase

the probability of a major

data breach by 3x

Risk factors span

cloud apps, users,

activities, and data

Source: http://www.idtheftcenter.org/id-theft/data-breaches.html

Source: https://www.netskope.com/reports/ponemon-2014-data-breach-cloud-multiplier-effect

Source: Q2 2015 Netskope cloud report

13and human error

Ten “Must Haves” for Safe Cloud Enablement

14

Discover apps

and assess risk

Segment apps

sanctioned/unsanctioned

Secure access to apps

with SSO and strong authentication

Audit activities

user/admin/data

Understand content

to, from, and in apps

Detect anomalies

risky behavior, security threats

Enforce granular policies

in real-time, across any app

Protect data in context

who, what, where, activity, data

Ensure compliance

audit trails, remediation, reporting

Coach users

via conversations and automated

1. AUTHENTICATE

2. ACCESS

CLOUD ACCESS

SECURITY BROKER

SAAS

PUBLIC / PRIVATE CLOUD

APPS & APIs

ON-PREM

APPS & APIs

ENTERPRISE MOBILITY

MANAGEMENT

THREAT / FRAUD

DETECTION SERVICES

AUTHENTICATION &

DIRECTORY SERVICES

ACCESS SECURITY

AUTHORITY

CLIENTS & USERS

AUTHENTICATION & FEDERATION AUTHORITY

Secure Enterprise Cloud & Mobile Architecture

Seamless Integration – Netskope and Ping Identity

What Makes a Great

Policy?

Confidential — do not distribute

Multi-Factor

Access ControlContextual AuthN

Provisioning

INTERNET

SCALE

FEDERATED

ARCHITECTURE

ALL

IDENTITI

ES

WEB, MOBILE

& API

FLEXIBLE

DEPLOYMENT

SIX DESIGN PRINCIPLES

BUILT ON

STANDARDS

Best Practices – Next Generation IAM

+

Confidential — do not distribute

Workforce – Best of Both

INTERNAL APPS

SAML

Many more

SAMLFEDERATED SINGLE SIGN-ON

BASIC SINGLE SIGN-ON

EMPLOYEES

CORPORATE

PORTAL

20

SANCTIONED UNSANCTIONED

© 2015 Netskope. All Rights Reserved.

21

App“Introspection”

“Inspection”

Secure content in the app,

no matter when uploaded

Secure content en route

to or from the app

22

User Location Device

Time

Activity

Context

Content

Risk

w/Whom

Allow is the new block (allow is new block green light slide)

23

Tomorrow's secure enterprise starts today™

™

© 2015 Netskope. All Rights Reserved.

Thanks for Attending. Questions?

25

pharding@pingidentity.com, @patrickharding

rithal@netskope.com, @ravi_ithal

krishna@netskope.com, @Krishna_Nswamy

sales@pingidentity.com, @pingidentity

sales@netskope.com, @netskope