Visibility and Control for Sanctioned & Unsanctioned Cloud Apps
|
|
|
- Christal Gregory
- 8 years ago
- Views:
Transcription
1 Visibility and Control for Sanctioned & Unsanctioned Cloud Apps Walter Doria Technical Director Exclusive Networks Gabriele Buratti Principal SE Imperva
2 Today s Agenda Introductions & Discussion Market Overview, Trends, Risks & Gaps Understanding Imperva Skyfence Use Cases Deployment Considerations Live Demo Q & A 2
3 Who is Skyfence? What do we do? Enable organizations safe and productive use of corporate SaaS applications Why is it relevant? The cloud app trend has created a visibility and control blind spot for IT that cannot be addressed by traditional controls Part of Imperva (NYSE: IMPV) Acquired in February 2014 for $60M Imperva Background Founded in employees Customers in 75+ countries Enterprise Customers Highest returning IPO of 2011 Gartner WAF MQ: Imperva is alone as the Leader 3
4 Market Overview Cloud Access Security Brokers CASB named #1 in top 10 technologies for IT Security in 2014 By 2017, those making a strategic decision to invest in cloud apps for mission-critical workloads will consider CASB essential The CASB market will reach $500 million by year-end 2017 Two primary use cases for IT: Risk Assessment Most of the market in 2014, enterprise customers, all verticals Offline deployment 3 rd party logs, API, or web-access Monitoring & Enforcement Rapidly catching-up, expected 100% penetration by 2017 Inline deployment Forward / reverse proxies, SWG integrations, endpoint agents 4
5 Data Proliferation to the Cloud Customer-facing Applications Moving to IaaS or PaaS providers Employee-facing Applications are SaaS and Cloud Apps Traditional Data Center 5
6 Challenges of Cloud Apps and Shadow IT Corporate Employees, Mobile Workers and Hackers Cloud Applications No visibility into who is using what apps No way to assess cloud apps risks and prioritize Unable to monitor and analyze all activity No endpoint control capabilities for cloud apps Cloud apps are a prime target for hackers and malicious insiders data exfiltration 6
7 Visibility and Control for Cloud Applications Corporate Employees, Mobile Workers and Hackers Cloud Applications Cloud Security Suite Cloud Discovery & Governance (Offline) Discover Shadow IT Apps & Assess Risk Review User Entitlements to Find Dormant & Orphaned Accounts Centrally Assess Security & Configuration Settings of Cloud Apps Cloud Audit & Protection (Inline) Monitor Activity of Users & Admins Push to SIEM Endpoint & Data Access Controls with Risk-based MFA Detect Anomalies & Prevent Account Takeover Attacks 7
8 Skyfence Risk Governance Understand Your Specific Risks User Entitlements Review Dormant Users cost reduction opportunity Orphaned Accounts risk of ex-employees access External User partners, suppliers with access Application Configuration Review Benchmark current configuration with best practices Mitigate risks associated with configuration issues Integrated Remediation Workflow Assign tasks to resolve user & application issues 9
9 Common Skyfence Use Cases for the Cloud Secure Office 365 Users Endpoint access control Monitor & control uploads and downloads Prevent account takeover Control Collaboration and File Sharing Visibility over sharing of unstructured data Data security Manage AWS Console Users Discovery of AWS console users Risk-based strong authentication Blocking/controlling high-risk actions Prevent account takeover Discover Line of Business Apps Sanctioned and unsanctioned Over 5,000 apps supported (Salesforce, NetSuite, etc.) 10
10 Metro Bank Uses Skyfence to Secure Office 365 Apps Background Fast-growing, UK-based bank 1400 users Office 365 apps: , SharePoint, Yammer, and OneDrive Challenges Employees require remote access to Office 365 apps Microsoft IP fencing was ineffective at controlling BYOD access Required non-intrusive approach no impact to end users Integrate with AirWatch MDM deployment Solution Benefits Global enforcement of access controls Consistent, detailed, and clear visibility into all cloud app activity PCI DSS compliance for cloud access outside of the organization 11
11 Cloud Access Security Delivered with Incapsula CDN Solves Key Customer Issues Security Performance Scalability Single Architecture for all Apps Customer-facing Production Apps Employee-facing SaaS Apps (Salesforce, Office 365, etc.) 13
12 See What You Are Missing Illuminate Shadow IT Free Download for Cloud App Discovery Windows and Mac versions Scans Web Proxy, SIEM, and Firewall logs Quantify apps, users, activities, & risk Includes free online support & Knowledge Base Corporate Network Corporate Network 1 Scan 2 Review Results LOG Files Firewall / Web Proxy Cloud Discovery Tool Discovered Apps 16
13 Flexible Enterprise Deployment Options Reverse Proxy Forward Proxy SAML Redirect SWG Integration / Endpoint clients Corporate / Managed BYOD Corporate / Managed BYOD Pros Cons Pros Cons BYOD Requires SSO Doesn t require SSO No BYOD No endpoint agents No endpoint config Limited desktop / mobile apps support* Full desktop / mobile apps support Endpoint agents Endpoint config * Supported features include limited User Access Control, full support requires agent installation 17
14 Skyfence Cloud Gateway Live Demo 18