Cyber Tech Israel 2016: Get Your Head in the Cloud

Get Your Head in the Cloud: A Practical Model for Enterprise Cloud Security

Vishal Gupta, Vice President, Symantec Enterprise Security Group

MAGIC SHOW How to deliver 47 slides in 15 minutes

Copyright © 2014 Symantec Corporation2

WarningThis is a short fifteen minute presentation. No superfluous content is enclosed. There are no cloud adoption metrics, no data breach statistics, no distracting logos or graphics

and absolutely no diagrams with concentric circles, pyramids, arrows or other geometric shapes regularly used

to convey depth of information. No part of this presentation is fictional and all resemblance to real organizations and

people is completely intentional.


there is only one word you need to know when talking about the cloud


CONTROL


all the benefits you receive from moving to the cloud: agility, elasticity, and low cost are received by giving up


CONTROL


all the challenges you face in the cloud: security, compliance, data residency, data privacy and management are rooted in your lack of


CONTROL


the only reason you have not moved your critical workloads to the cloud is because you cannot afford to give up


CONTROL


you want to keep the benefits but resolve the challenges


CONTROL?how do you give it away and keep it at the same time


WarningThis is a short fifteen minute presentation. No superfluous content is enclosed. There are no cloud adoption metrics, no data breach statistics, no distracting logos or graphics

and absolutely no diagrams with concentric circles, pyramids, arrows or other geometric shapes regularly used

to convey depth of information. No part of this presentation is fictional and all resemblance to real organizations and people is completely intentional.

Revised∧

just a few


this is your enterprise – your temple of complete

CONTROL


before cloud, you held your infrastructure and applications safe within its walls

---------------


then cloud happened

---------------


your infrastructure started moving over

---------------

CONTROLyou lost some


---------------

your applications started moving over too ---------------


---------------

---------------

CONTROLyou lost more


---------------

---------------

in addition cloud endpoint, mobile, BYOD, have all spiraled


---------------

---------------

CONTROL

out of your


that teeny tiny bit is all you seem to have left

CONTROL


CONTROLwould you like to get it back?


audience tongue twister testcan you say the following

HE WHO CONTROLS THE CONTROL POINTS CONTROLS THE CONTROL


CONTROL = CONTROL POINTS


---------------

---------------

lets add some control (points) back to the picture


---------------

---------------

endpoints

SaaS

IaaS/PaaSstorage

the cloud killed the perimeter – what shall we do about that control point?


hold that thought


also remember – cloud challenged SIEMhold that thought too


A MODERN CONTROLS BASED MODEL FOR SECURITY


securing the modern endpoint


---------------

endpoints

the modern endpoint is heterogeneous

IaaS/PaaS


traditional, mobile, multiple clouds devices, desktops, servers

---------------

endpoints

IaaS/PaaS

WE NEED HOMOGENOUS SECURITY ACROSS HETEROGENOUS ENDPOINTS

34

---------------

endpoints

IaaS/PaaS

ENDPOINT

REMEMBER… CONTROL = CONTROL POINTS

1 Grab a common security agent

2 Embed in your on-prem endpoints

3 Put it on your mobile endpoints

4 Natively integrate it into your IaaS/PaaS infrastructure

5 Enjoy the control• Homogenous policies• Visibility, Control and Compliance• Correlation and Analytics


securing modern applications


---------------

---------------

modern applications live in the cloud

SaaS


---------------

---------------

we don’t control any part of that stackwhere shall we put our control point?

SaaSWE NEED A NEW CONTROL POINTTHE CLOUD SECURITY BROKER


---------------

---------------

SaaS

APPLICATIONS

1 External control point

2 Proxy and API based

3 Context, content and identity aware

4 Enjoy the control• Email, storage and application support• Event monitoring, SSO, data protection• Compliance and audit ready

remember the first thought you were holdingTHE CLOUD SECURITY BROKER


so what?


---------------

endpoints

IaaS/PaaS

---------------

SaaS

storage

---------------

ANALYTICS

when all these control points can communicate intelligentlywhat you get is nothing short of

MAGIC


---------------

endpoints

IaaS/PaaS

---------------

SaaS

storage

---------------

ANALYTICS

get ready to harness the power of the cloud

---------------

1 The cloud powered SOC

2 The future of SIEM – on-prem and cloud telemetry

3 Cross-control point data correlation

4 Enjoy the control• Advanced Threat Protection• User behavior, data flow and threat

intelligence• Prioritized and actionable

WITHOUT GIVING UP CONTROL


there is only one word you need to know when talking about the cloud


CONTROL


actually, there is a second thing you need to know about control in the cloud


you can have it today with

Thank you!

Copyright © 2014 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.

Vishal Gupta

46

Technology

Cyber Tech Israel 2016: Get Your Head in the Cloud