webinarsept 21

2016

CASB cases: how your peers are

securing the cloud

STORYBOARDS

enterprise(CASB)

end-user devicesvisibility & analytics

data protectionidentity & access control

applicationstorageserversnetwork

enterprise vs app vendor security responsibilitiesthe data blind spot

app vendor

STORYBOARDS

security must evolve to

protect data outside the

firewall

ungoverned access to

corporate data in the cloud

hidden Shadow IT threats

sensitive cloud data on

unmanaged devices

STORYBOARDS

CASB: a better approach to cloud security

identity

discovery

data-centric security

mobile

STORYBOARDS

casb securitya data-centric approach

the new data reality requires a new security architecture

■ cross-device, cross-platform agentless data protection

■ granular DLP for data at rest and in motion

■ contextual access control

■ detailed logging for compliance and audit

STORYBOARDS

managed devices

application access access control data protection

unmanaged devices /

byod

in the cloud

Forward ProxyActiveSync Proxy

Device Profile: Pass● Email● Browser● OneDrive Sync

● Full Access

Reverse Proxy + AJAX VMActiveSync Proxy

● DLP/DRM/encryption ● Device controls

API Control External Sharing Blocked

● Block external shares● Alert on DLP events

Device Profile: Fail● Mobile Email● Browser● Contextual multi-factor auth

typical use casereal-time data protection on any device

STORYBOARDS

use case 1: real-time saas data protection

■ real-time inline data protection

■ leverage proxies to control access to any app on unmanaged devices

■ external sharing control via API

■ integrated data leakage prevention

STORYBOARDS

client:■ 15,000 employees in 190+

locations globallychallenge:

■ Mitigate risks of Google Apps adoption

■ Prevent sensitive data from being stored in the cloud

■ Limit data access based on device risk level

■ Govern external sharingsolution:

■ Inline data protection for unmanaged devices/BYOD

■ Bidirectional DLP■ Real-time sharing control

secure google apps +

byod

business data

giant

STORYBOARDS

use case 2: achieve regulatory compliance

■ upload + download dlp and encryption

■ protect regulated cloud data on byod

■ control over external share & sync

■ leverage integrated identity management to ensure secure auth

STORYBOARDS

secure office 365 + byod

client:

■ 35,000 employees globally

challenge: ■ Inadequate native O365 security■ Controlled access from any device■ Limit external sharing■ Interoperable with existing

infrastructure, e.g. Bluecoat, ADFS

solution: ■ Real-time data visibility and control ■ DLP policy enforcement at upload

or download■ Quarantine externally-shared

sensitive files in cloud ■ Controlled unmanaged device

access

fortune 50 healthcar

efirm

STORYBOARDS

client:

■ 180,000 employeeschallenge:

■ HIPAA Compliant cloud and mobile■ Control access to Office 365 from managed

& unmanaged devices■ Control external sharing■ No agents on devices

solution:

■ Real-time inline protection on any device■ Contextual access control on managed &

unmanaged devices (Omni)■ API control in the cloud■ Agentless BYOD with selective wipe■ Enterprise-wide for all SaaS apps

HIPAA compliant

o365 + byod

majorhospital

system

STORYBOARDS

use case 3: agentless byod security

■ secure devices without invasive profiles or certificates

■ protect “unwrappable” cloud and native apps

■ selectively wipe corporate data■ enforce device security policies■ full data control and visibility for IT

STORYBOARDS

client:

■ 8000 employees

■ s&p 500

challenge: ■ Lack of adherence to BYOD security

measures■ Failed MobileIron and SAP Afaria

deploymentssolution:

■ Bitglass Agentless – device / OS independent

■ Fast deployment■ Logging for compliance with

internal data security policies■ Seamless integration with

ActiveDirectory

fortune 500

beverage co.

byod security

STORYBOARDS

use case 4: cloud encryption

■ Key for financial services organizations migrating to the cloud

■ Separation of systems provides an additional layer of security

■ Control your own encryption keys■ Full-strength, 256-bit AES

STORYBOARDS

secure salesforce

+ office 365

15

challenge■ Needed complete CASB for enterprise-wide

migration to SaaS■ Encryption of data-at-rest in Salesforce ■ Office 365 security

solution■ Searchable encryption of data in

Salesforce■ Preserve existing API integrations■ Full control of encryption keys■ Real-time inline DLP on any device

(Citadel)■ Contextual access control on managed &

unmanaged devices (Omni)■ API control in the cloud■ Discover breach & Shadow IT

financial services

giant

STORYBOARDS

our mission

total data

protection est. jan

2013

100+ custome

rs

tier 1 VCs

STORYBOARDS

our solutions

cloud mobile breach

17

resources:more info about cloud security

■ bitglass report: cloud adoption by industry

■ case study: financial services firm encrypts SFDC

■ case study: fortune 100 healthcare firm secure O365

STORYBOARDS

bitglass.com@bitglass