View
1.610
Download
0
Category
Preview:
Citation preview
Meet the Presenters
Ravi IthalChief Architect,
Netskope
Krishna NarayanaswamyChief Scientist,
Netskope
Patrick HardingChief Technology Officer,
Ping Identity
What We’ll Discuss
• Short commercial break: Introducing Ping and Netskope
• Cloud Security for Dummies – the 10 “must haves”
• Three “must have” examples
• Secure access to apps
• Audit activities and data
• Enforce granular policies
• What makes a great cloud security policy?
• Q&A
Confidential — do not distributeCopyright © 2015 Ping Identity Corp. All rights reserved.
4
ENABLING ENTERPRISE ACCESS,
SECURELY AND SEAMLESSLY
MARKET LEADERSHIP
Over 50% of the Fortune 100
4 of the 6 largest US banks
8 of the 10 largest biopharmas
3 of the 5 largest healthcare plans
SI, TECH AND SAAS PARTNERS
1,500 GLOBAL ENTERPRISES GLOBAL CUSTOMER SUCCESS
98%customer
satisfaction
96%customerretention
Denver, San Francisco, Boston,
Vancouver, London, Tel Aviv, Tokyo,
SingaporeSTANDARDS BODY PARTICIPATION
GLOBAL LEADERS UNDERSTAND
TRADITIONAL SECURITY IS
INEFFECTIVE
“…a new approach to enterprise
security…flipping common corporate
security practice on its head…accessed
from anywhere with the right device and
user credentials.”
“…The old notion of a network
perimeter that can be defended by
firewalls that are often hardware-
based and security appliances is long
out of date…”
‣ Strong technology integration and services
partnerships
© 2015 Netskope. All Rights Reserved.
6
‣ Discover cloud apps and assess risk
‣ Govern all apps and data
‣ Safely enable sanctioned cloud apps
‣ $131.4M from top Silicon Valley VCs
‣ Early investors in Atlassian, Box, Cloudera,
Nimble Storage, Yammer
What we do
Partners Investors
‣ 200+ employees globally, including North
America, throughout Europe, and Asia-Pacific
‣ Early architects/executives from Palo Alto
Networks, NetScreen, Cisco, McAfee, VMware
‣ 40+ patent claims across four categories
Team
© 2015 Netskope. All Rights Reserved.
Organizations of all types need cloud security
7
High Tech Financial Healthcare
Oil & Gas/Utility Retail/Hospitality Manufacturing/Other
FROM MID-SIZE… TO LARGE… …TO GLOBAL
© 2015 Netskope. All Rights Reserved.
v
8
IT estimate:
40-50
App Redundancy:
‣ 64 Marketing
‣ 47 Collaboration
‣ 40 HR
‣ 40 Finance
‣ 37 Productivity
‣ 34 Cloud Storage
Actual:
715
Traditional Perimeter Based Security
Confidential — do not distributeCopyright © 2014 Ping Identity Corp. All rights reserved.
10
Users Apps
IaaS
SaaS
Employees/BYOD
Customers/Partners
The perimeter approach works
great when all your assets are
inside of it.
But now they aren’t.
Now what?
Identity Defined Security
12
Data breaches continue
to wreak havoc in 2015
786,098,214 records exposed
18% of files in cloud apps
constitute a policy violation.
22% of those files are shared publicly
Use of cloud can increase
the probability of a major
data breach by 3x
Risk factors span
cloud apps, users,
activities, and data
Source: http://www.idtheftcenter.org/id-theft/data-breaches.html
Source: https://www.netskope.com/reports/ponemon-2014-data-breach-cloud-multiplier-effect
Source: Q2 2015 Netskope cloud report
13and human error
Ten “Must Haves” for Safe Cloud Enablement
14
Discover apps
and assess risk
Segment apps
sanctioned/unsanctioned
Secure access to apps
with SSO and strong authentication
Audit activities
user/admin/data
Understand content
to, from, and in apps
Detect anomalies
risky behavior, security threats
Enforce granular policies
in real-time, across any app
Protect data in context
who, what, where, activity, data
Ensure compliance
audit trails, remediation, reporting
Coach users
via conversations and automated
1. AUTHENTICATE
2. ACCESS
CLOUD ACCESS
SECURITY BROKER
SAAS
PUBLIC / PRIVATE CLOUD
APPS & APIs
ON-PREM
APPS & APIs
ENTERPRISE MOBILITY
MANAGEMENT
THREAT / FRAUD
DETECTION SERVICES
AUTHENTICATION &
DIRECTORY SERVICES
ACCESS SECURITY
AUTHORITY
CLIENTS & USERS
AUTHENTICATION & FEDERATION AUTHORITY
Secure Enterprise Cloud & Mobile Architecture
Seamless Integration – Netskope and Ping Identity
What Makes a Great
Policy?
Confidential — do not distribute
Multi-Factor
Access ControlContextual AuthN
Provisioning
INTERNET
SCALE
FEDERATED
ARCHITECTURE
ALL
IDENTITI
ES
WEB, MOBILE
& API
FLEXIBLE
DEPLOYMENT
SIX DESIGN PRINCIPLES
BUILT ON
STANDARDS
Best Practices – Next Generation IAM
+
Confidential — do not distribute
Workforce – Best of Both
INTERNAL APPS
SAML
Many more
SAMLFEDERATED SINGLE SIGN-ON
BASIC SINGLE SIGN-ON
EMPLOYEES
CORPORATE
PORTAL
20
SANCTIONED UNSANCTIONED
© 2015 Netskope. All Rights Reserved.
21
App“Introspection”
“Inspection”
Secure content in the app,
no matter when uploaded
Secure content en route
to or from the app
22
User Location Device
Time
Activity
Context
Content
Risk
w/Whom
Allow is the new block (allow is new block green light slide)
23
Tomorrow's secure enterprise starts today™
™
© 2015 Netskope. All Rights Reserved.
Thanks for Attending. Questions?
25
pharding@pingidentity.com, @patrickharding
rithal@netskope.com, @ravi_ithal
krishna@netskope.com, @Krishna_Nswamy
sales@pingidentity.com, @pingidentity
sales@netskope.com, @netskope
Recommended