CURE FOR THE COMMON CLOUD:
HOW HEALTHCARE CAN SAFELY ENABLE THE CLOUD
Craig Guinasso, Genomic Health, CISO
Krishna Narayanaswamy, Netskope, Chief Scientist
• Established in 2000 and is the world’s leading provider of genetic cancer diagnostic tests
• Corporate HQ – Redwood City, CA
• Company’s lead product, the Oncotype Dx breast cancer test has been shown to predict the likelihood of chemotherapy benefits as well as recurrence of invasive breast cancers
• 600,000 patient tests to date conducted by more than 1,400 physicians in 70 countries
• 800+ employees globally, $275M revenue in 2014
‣ Strong technology and services partnerships
‣ Discover cloud apps and assess risk
‣ Govern all apps and data
‣ Safely enable sanctioned cloud apps
‣ $131.4M from top Silicon Valley VCs
‣ Accel, Lightspeed, Iconiq, Social+Capital
‣ Customers include
‣ 250+ employees globally, including North America, throughout Europe, and Asia-Pacific
‣ Early architects/executives from Palo Alto Networks, NetScreen, Cisco, McAfee, VMware
‣ First comprehensive CASB patent, 40+ additional patent claims across four categories
Let’s talk about the cloud…
There are 22,000+ enterprise cloud apps today (and growing)
Most IT departments underestimate cloud app usage by 90%
Average number of cloud apps per enterprise
94% of these are not enterprise-ready
Cloud: Now playing on a mobile device near you
Nearly HALF of all cloud app activities originate from a mobile device
ONE THIRD of all DLP violations occur on mobile devices
76.2% of cloud DLP violations occur in healthcare and life sciences
68.5% of DLP violations are protected health information (PHI)
Business vs. Mission Critical
Information Technology is not Genomic Health’s core business; however information delivery is fundamental to our unique science and patient value.
History
Genomic Health had “purpose built” systems maintained by “in-house” resources. This model wasn’t going to scale or support growing business needs.
IT Charter
Agility
Integrated & Innovative
Scalable & Secure
Cloud storage
Data & analytics
Collaboration
Payor and pricing management
Line of business apps
Order management
Sample management
Genomic Health’s Data & Analytics Requirements vs. Twitter’s
FIND UNDERSTAND SECURE
FIND
Bob Jones in IT
Ashok Kumar in Marketing
Amy Bishop in Finance
Pierre Bonaparte in Research
Side-by-side comparisons
Risk assessment and discovery of unsanctioned app usage
UNDERSTAND
✔ Who? What group/OU? Where?
✔ What app/category? From what device?
✔ To whom? What content?
A contract CRO clinician sent a patient’s MRI to a counterpart via Box
…to which content…
See what users did…
…and see the who, what, when, where, and with whom
8% of data in cloud storage would violate DLP policy if the enterprise knew about it
SECURE
✔ Block and coach
✔ Encrypt
✔ Prevent sharing outside of co.
✔ Require justification
✔ Perform “quiet” legal hold
Activity- and data-level policies
✔ Quarantine and alert users
Standardize on enterprise-approved apps
Block
• Too risky
• Unacceptable terms
Speed Bump
• Unsanctioned app
• Alert/guidance/justification
• “Data may be made public”
Block/Coach
• Sanctioned app/activity
• DLP
• Data = PHI
Context-Driven
• If-then context
• Person/group
• Activity
• Data residency
Enforce granular policies
Help people do the right thing
Your organization has standardized on Box. Would you like an account?
Dr. No
CIO, CISO and Sys Admins alike must broker new conversations within institutions.
Find ways to say “YES” while also maintaining appropriate control.