Empowering Your Business in the Cloud Without Compromising Security

Transcription

1 Empowering Your Business in the Cloud Without Compromising Security

2 Cloud Security Fabric CloudLock offers the cloud security fabric for the enterprise that helps organizations protect their sensitive data in and across public cloud applications such as Google Apps, Salesforce, Dropbox, Box, ServiceNow, third-party connected and other apps. The cloud-native security service provides customers the only complete, risk-appropriate, and people-centric solution to protect data, reduce risk, achieve compliance, manage threats and increase business productivity in the cloud. The Cloud Security Fabric for the Enterprise Protect Sensitive Data in the Cloud Mitigate Threats & Risks Achieve Regulatory Compliance Align Security with the Business Cloud-Native Continuous Monitoring No Impact on End Users CloudLock s end-user notifications let us embrace the collaborative benefits of going cloud without concerns over data loss or accidental exposure. Brian Carlson, Senior Systems Programmer at ACI Payment Systems 01

3 How it Works Cloud Security Fabric The expanding cloud economy has changed the way users collaborate and how data is shared. IT and security teams need agility to harness the benefits of the cloud and support business opportunities while keeping their company s critical assets secure. CloudLock offers the cloud Security Fabric for the enterprise. The cloud-native security service provides customers the only complete, risk-appropriate, and people-centric solution to protect data, reduce risk, achieve compliance, manage threats and increase business productivity in the cloud. Cloud-Native CloudLock lives in the cloud with your apps, data and users: Completely SaaS-based No impact on end user experience API-based No changes to the underlying infrastructure No network configurations, agents, reverse-proxies or gateways Deploys in minutes Manage the Entire Cloud Data Protection Lifecycle Discover: Identify web and mobile applications that are directly connected to your corporate systems. Classify: Setup configurable policies unique to your environment. Automatically classify sensitive data based on content (e.g. PHI, PCI, PII, IP) and context (e.g. which users are sharing information from where). Control: Manage incidents in real-time and enforce policies with risk-appropriate and people-centric remediation actions. With CloudLock, we are able to identify which types of information are sensitive and mark them as such. This gives us a sense of confidence knowing where our most critical IP assets are, letting us identify inadvertent sharing to prevent data leakage and exposure. Doug Meier, Director of Security and Compliance, Pandora 02

4 Security Fabric Services Cloud Security Fabric Only CloudLock provides a complete cloud-security fabric that protects your corporate assets based on a cloud-native architecture. Leverage the power and intelligence of the fabric s core services in one unified Dashboard and central policy framework. Content Analysis Context Analysis User Behavior Monitoring Incident Management Central Auditing Policy Automation Encryption Management Security Analytics App Discovery App Control Content Analysis Continuously monitor structured (PCI, PHI, PII) and unstructured sensitive data (IP, project code names) in real-time. Determine if data is sensitive, toxic or subject to regulations. Context Analysis Analyze your documents and files for sensitive information based on file ownership, sharing and access patterns with CloudLock s heuristic algorithms. Setup context rules once and apply them for all of your cloud applications. User Behavior Monitoring Setup thresholds in centralized policies and continuously monitor user activity to detect potential anomalies and significant changes that may suggest malicious behavior. Alert IT and security operations with real-time alerts and incidents when suspicious activity occurs. Incident Management Centrally manage and investigate incidents across your entire public cloud portfolio. Prioritize incidents based on business impact and track them to closure. Easily view and filter incidents based on severity level, object type, cloud app, and other criteria. 03

5 Cloud Security Fabric Central Auditing Track user access of privileged user modifications and change permission history. Record an immutable audit log of all actions performed as evidence for regulatory compliance and internal policies. Policy Automation Leverage rich policy templates (e.g. PCI, PII, IP, regular expressions) to safeguard your most critical assets. Classify your data based on your unique requirements to identify and manage toxic, restricted and confidential information. Automate response actions and notifications to your end users with fully automated remediation management capabilities. Encryption Management Leverage industry best AES-256 password-based cloud encryption and key management technology. Empower your end-users to selectively encrypt sensitive information and securely share and collaborate with anyone with whom they share the password, inside or outside of your organization. Security Analytics View critical security KPIs and exposure trends. Leverage out-of-the box security and compliance reports to meet regulatory requirements with internal and external auditors. Tap into the power of a crowd-sourced decision support system with CloudLock s Community Trust Rating. App Discovery Discover risk in more than 77,000 shadow apps that directly connect into your corporate environment App Control Whitelist or blacklist apps based on crowdsourced risk ratings. Increase employee awareness with alerts and revoke apps in bulk across the entire user base. 04

6 Cloud Security Fabric Cloud-to-Cloud Data Protection Solutions Most collaboration now happens cloud-to-cloud, i.e. users and applications communicate with each other without ever going through a corporate network. CloudLock is the only solution that can detect 100% of sensitive information in public cloud applications from corporate networks to mobile devices, on the road or any third-party data sources. Cloud Data Protection App Discovery & Control Continuously monitor SaaS and PaaS environments for sensitive data Secure your public cloud apps with DLP policies Manage the entire incident lifecycle and automate response actions Discover risk in Shadow apps that directly connect into your corporate environment Gain insight into apps with Community Trust Ratings Control which apps are enabled and revoked Discover and control PII, PCI, PHI and IP data Comply with regulations such as PCI DSS, HIPAA, SOX, CIPA, FISMA and FERPA Risk & Compliance Management Control risk with automated policies Threat Protection Monitor user activity to detect user anomalies Track privileged user access modifications Alert security teams about compromised accounts with realtime alerts Auditing & Forensics Investigate suspicious behavior Document an immutable audit trail of key actions Maintain evidence for compliance and forensics 05

7 Cloud Security Fabric Why CloudLock Centrally Manage Your Entire Public Cloud Portfolio Cloudlock manages the security of all your public cloud apps with our unified dashboard and policy framework. Cloud to Cloud Data Protection CloudLock protects data in the cloud, not from it. Most collaboration now happens cloud-to-cloud, i.e. users and applications communicate with each other without ever going through a corporate network. People-Centric Cloud Security Because CloudLock s solution has direct access to the underlying cloud applications through APIs, there is zero impact on the end-user experience. Your end users won t even know they are using CloudLock unless a policy violation occurs. With flexible remediation options your organization decides who gets notified and what actions are expected. Maximum Return on Security Deploy CloudLock in a matter of minutes. You ll see a reduction in risk and increased business productivity in days, not weeks or months. 06

8 CloudLock by the Numbers 77,000 6million 750million Third-Party Apps Discovered Users Under Management Files Monitored Daily Our Customers CloudLock enables more than 6 million users to leverage the benefits of the cloud at some of the largest and fastest growing organizations in the world. CloudLock s solution delivers the ability to scale to serve our 27,000 employees. John Bingham, Chief Information Security Officer, Whirlpool Corporation Trusted and Secure CloudLock offers the cloud security fabric enabling enterprises to protect their data in the cloud, reduce risk, achieve compliance, manage threats and increase productivity. By analyzing 750 million files for more than 6 million end users daily. CloudLock delivers the only complete, risk-appropriate and people-centric approach to cloud security. cloudlock.com info@cloudlock.com