Upload
bitglass
View
178
Download
1
Embed Size (px)
Citation preview
Total Data ProtectionOutside the Firewallsolving
cloud security
challenges in higher ed
webinar
■ security challenges
■ solutions■ case study■ about us
security vs collaboratio
n
regulatory environs
higher ed specific
challenges
shadow IT proliferatio
n
democratized IT
rapid shadow IT proliferation
“a college campus is a melting pot of devices [and] applications” – Forbes
■ CIOs are only aware of 15% of cloud apps in use
■ 57% don’t participate in BYOD programs
source: cisco cloud blog
regulations governing PII in the cloud
multiple legislative mandates govern educational data in the cloud
■ FISMA: protects federally-funded research
■ FERPA: protects student records
■ HIPAA: governs med schools and medical research
major apps, including Dropbox and Box provide limited visibility and few means of controlling access
the conflict between security + collaboration:
IT must be responsive to user needs
the power of the masses:a force to be reckoned with
■ “byod” usage predates smartphones
■ differing approaches required in higher ed IT vs corporate IT
■ necessity of a flexible security framework
■ security challenges
■ solutions■ case study■ about us
potential solutions service
blockage
traditional / “bolt on”
security
cloud access security broker
(CASB)
traditional security
approaches are
inadequate
total service
blocking:
an often futile attempt at control
CASB: a better approach to cloud security
identitydiscoverydata-centric
security
casb discovery:gain visibility into your org’s cloud usage
■ analyze outbound data flows to learn what SaaS apps your organization is using
■ understand risk profiles of different apps
■ essential in process of enabling secure cloud app usage
casb security:a data-centric approach
the new data reality requires a new security architecture
■ cross-device, cross-platform agentless data protection
■ granular DLP for data at rest and in motion
■ contextual access control
■ detailed logging for compliance and audit
casb identity:centralized identity management is key in securing data
■ cloud app identity management should maintain the best practices of on-prem identity
■ SSO enables cross-app visibility into suspicious access activity
■ security challenges
■ solutions■ case study■ about us
case study
situation:
■ dropbox used campuswide by faculty and staff for internal/external file sharing
needs:
■ cross platform data protection
■ secure mobile access
key features:
■ visibility
■ contextual access control
■ DLP / data controls
■ security challenges
■ solutions■ case study■ about us
about bitglass
total data
protectionoutside the
firewall est. jan 2013
CA, NY, MA,
IL, NC19
resources:more info about cloud security
■ Definitive Guide to CASBs■ Bitglass Report: Cloud Adoption by Industry