Google confidential | Do not distribute
Be A HeroCombat Cloud Security Threats with Google Apps Unlimited and Cloudlock
Hayley [email protected] Alliances
Mahshad [email protected] Solutions Engineer
Google confidential | Do not distribute
What to expect?
1. New security threats in the cloud2. How Google Apps Unlimited + CloudLock can help save you
from these villiansa. Protect your usersb. Protect your sensitive datac. Protection against malwared. Gain visibility into user activities
2
Google confidential | Do not distribute
What’s so scary?
According to the latest IBM X-Force Research report, the average consolidated total cost of a data breach is $3.8 million
3
Google confidential | Do not distribute
What Can Go Wrong?
● Accidental publication● Configuration error● Hacked systems
● Phishing● Weak passwords● Poor device
security
● Low Visibility● Insider threat
Damage, Lawsuits & Fines
Lost IP, Business & Reputation Privacy Violations
4
Google confidential | Do not distribute
Business (Public SaaS) People Custom Apps (PaaS & IaaS)
Legacy Security SolutionsON
- P
RE
MIS
EC
LO
UD
CyberSecurity Fabric
Messaging & Collaboration
Sales & marketing
HR & Skills
Finance
Sharepoint
Apps
App Server
Database
force.com
The Era of Full Cloud is upon us
5
Google confidential | Do not distribute
Changing IT models requires a new security paradigm
APPS DATA USERS
NETWORK
NEW MODEL:People-Centric Security
IDENTITY CLOUD
DEVICE / NETWORK
OLD MODEL:Network-Based Security
ACCOUNTS
6
Google confidential | Do not distribute 7
World Class Data Centers
Global Private Network
Back End Security
Application Security
Google Apps Security
End User Security
Google confidential | Do not distribute
Cyber Report: The 1% Who Can Do Damage
8
Google confidential | Do not distribute
Gartner Report: Minding the SaaS Gaps
9
Google confidential | Do not distribute
Cloud Access Security Broker (CASB) with CloudLock
force.com
What Shadow Apps are my users using?
What do users do in my Cloud Apps?
How do I identify compromised Accounts?
Are Shadow Apps connected to sanctioned Ones ?
Do I have sensitive /Toxic /regulated data in the cloud?
How do I encrypt/ Quarantine sensitive data in the cloud?
SaaS
force.com
PaaS and IaaS IDaaS
10
Google confidential | Do not distribute
How can we help?
APPSACCOUNTS
DATA
+
Data BreachData Security/Compliance (Cloud DLP/Encryption)
Compromised AccountsThreat Protection (UEBA)
Cloud MalwareVisibility (Apps Firewall)
Data Loss PreventionDLP for email and Drive
User interaction audits and information DiscoveryDrive Audit logs, Vault
Fine-Grained Admin ControlsOU level Drive controls
11
Google confidential | Do not distribute
Users
We do love our users, but 95% of security attacks involve human
error
12
Google confidential | Do not distribute
Is phishing effective?*
3%
The most obvious phishing webpages
Trick users 3%
of the time
13%
Average phishing webpages
Trick users 13%
of the time
Trick users 45%
of the time
Hijackers move fast
20%
20% of accounts are accessed within
30 minutes of being phished
* Google study of manual hackers
The most believable phishing
webpages
45%
13
Google confidential | Do not distribute
Two factor authentication (Security key management)
14
Google confidential | Do not distribute
Visibility into user interactions (Drive Audit Logs)
15
Google confidential | Do not distribute
Making Sense of your Global Cloud Activities
16
Google confidential | Do not distribute
Example of why you need User Behavior Entity Analytics
North America
9:00 AM ET▪ Login to:
Africa
10:00 AM ET▪ Data export from:
● Distance from the US to the Central African Republic: 7,362 miles● At a speed of 800 mph, it would take 9.2 hours to travel between
them
17
Google confidential | Do not distribute
eDiscovery and Archive (Vault)● Quick and easy legal discovery (email, Drive content)● Preserve company data (email and Documents retention policies and holds)● Export and Share results
18
Google confidential | Do not distribute
Security at Application level
Google confidential | Do not distribute
3rd Party Applications
20
Google confidential | Do not distribute 21
3rd Party Application CARI score and classification
Google confidential | Do not distribute
Fine tuned admin controls: Drive Data Access at Org level
22
Google confidential | Do not distribute
CloudLock is embedded within the UI of a SWG
Extensibility: Shadow IT Discovery Integration
23
Google confidential | Do not distribute
Data Leak Prevention
Google confidential | Do not distribute
Create trusted relationships between domains
25
Google confidential | Do not distribute
Fine tuned admin controls: Managing Sharing by OU
26
Google confidential | Do not distribute
Advanced Data Loss Prevention ● Predefined content detectors (Internationalized)● Optical Character Recognition (OCR)● Content thresholds settings (control # of false positives)
27
^4[0-9]{12}(?:[0-9]{3})?$
Google confidential | Do not distribute
CloudLock Encryption Management for Google
File and Folder-Level Encryption
Protect your most sensitive content within Google Drive from unauthorized access
User and Policy-Driven
Enterprise-Owned Keys
On-Premises or In Cloud
Preserve real-time co-authoring
28
Google confidential | Do not distribute
Where to get your cloud security superpowers?
APPSACCOUNTS
DATA
+
Protect your Company Data from being lost, stolen, and exposed
Protect against Cloud malware, phishing attacks, and other breaches
Protect your corporate accounts and safeguard your users
29
Google confidential | Do not distribute
1. Contact your Google account manager
2. Contact [email protected] to learn more about
Cloudlock:
What now?
First 5 Attendees to contact Hayley will get a CloudLock Cyber Security Assessments for FREE !!!!!
30
Google confidential | Do not distribute
Thank YouQuestions?
31