Se ha denunciado esta presentación.
Utilizamos tu perfil de LinkedIn y tus datos de actividad para personalizar los anuncios y mostrarte publicidad más relevante. Puedes cambiar tus preferencias de publicidad en cualquier momento.

Bridging the Office 365 Security Gap - Redmond Media

193 visualizaciones

Publicado el

In partnership with Redmond Media, we explore how Office 365 security is evolving and where a CASB fits into your cloud security strategy.

Publicado en: Tecnología
  • Sé el primero en comentar

  • Sé el primero en recomendar esto

Bridging the Office 365 Security Gap - Redmond Media

  1. 1. webinar sept 28 2016 bridging the o365 security gap
  2. 2. STORYBOAR office 365 is the leading SaaS productivity suite: market share has tripled year over year 2014 2015 google apps office 365 other 16.3% 7.7% 76% 22.8% 25.2%52%
  3. 3. poll: what are your office 365 migration plans?
  4. 4. STORYBOAR the traditional approach to security is inadequate
  5. 5. STORYBOAR the data blind spot: enterprises can’t rely solely on native app security enterprise (CASB) end-user devices visibility & analytics data protection identity & access control application storage servers network 5
  6. 6. STORYBOAR a security balancing act: empower users, maintain control ■ Visibility and control over corporate data in Office 365 ■ Prevent unauthorized access ■ Limit external sharing ■ Restrict access on unmanaged devices ○ Managing OneDrive sync, access in risky contexts, more
  7. 7. STORYBOAR components of o365 security identity cloud access mobile
  8. 8. STORYBOAR cloud: protect data-at-rest in o365 ■ External sharing opens the door to unintended leaks ○ API-based controls can restrict sharing of sensitive data ■ User behavior analytics, logging ○ Little in-app visibility, no cross-app visibility ○ Third-party solutions are built with compliance in mind
  9. 9. STORYBOAR access: native security provides limited visibility ■ More access, greater risk of data leakage ○ Granular access controls can limit risky access ■ DLP is critical to securing sensitive data in risky contexts ○ Complete security solutions should be content-aware, apply DLP at access
  10. 10. STORYBOAR mobile: distinguish between managed and unmanaged devices ■ Employees have rejected MDM and MAM ■ IT must securely enable access to frequently used apps ■ Allow different levels of mobile access based on device type, user, etc.
  11. 11. STORYBOAR identity: centralized identity management is key to securing data ■ Cloud app identity management should maintain the best practices of on-prem identity ■ O365 can identify some but not all high- risk logins ■ Prevent use of compromised credentials with cross-app IAM, step-up MFA
  12. 12. STORYBOAR ■ BYOD blindspot - O365 DLP is not geared toward protecting data on BYOD ■ High operational overhead - Complex to configure and maintain ■ Difficult deployment - Sharepoint/OneDrive DLP integration requires Office 2016 on PCs ■ High cost - Must have top of the line license ■ Point solution - Support focused on Office 365, what about other cloud apps? office 365 native dlp: complex, costly, and doesn’t work across apps
  13. 13. poll: what cloud security functions are most important?
  14. 14. STORYBOAR casb security: a data-centric approach o365 requires a new security architecture ■ Cross-device, cross-application agentless data security ■ Real-time data protection ■ Limit high-risk activities like external file sharing, unmanaged access ■ User behavior analytics
  15. 15. STORYBOAR managed devices application access mode data protection unmanaged devices & mobiles in the cloud ● profile-agent ● VPN+IP-restriction ● DLP/DRM/encryption ● Device controls, e.g PIN ● Agentless Selective wipe ● Client apps: allow/block ● OneDrive ● Sharepoint ● API ● Quarantine DLP ● Block external shares ● Alert on DLP events office 365 use case: real-time inline data protection on any device Legacy Auth Apps e.g Office 2010 ● Full access Modern Auth Apps e.g Office 2013+ ● profile agent ● VPN+IP-restriction ● certificates ● Full access ● Browser ● ActiveSync Mail ● Client apps ● Reverse-proxy + AJAX-VM ● ActiveSync Proxy 15
  16. 16. STORYBOAR client ■ 180,000 employees ■ Among the largest US healthcare orgs challenge ■ HIPAA Compliant cloud and mobile ■ Controlled access to Office 365 from managed & unmanaged devices ■ Control external sharing ■ Real-time inline data protection solution ■ Real-time inline protection on any device ■ Contextual access control on managed & unmanaged devices (Omni) ■ Real-time DLP on any device ■ API control in the cloud ■ Agentless BYOD with selective wipe ■ Enterprise-wide for all SaaS apps secure office 365 + byod major healthcare firm
  17. 17. STORYBOAR secure salesforce + office 365 17 client ■ 20,000 employees ■ Global presence ■ $6T in assets under management challenge ■ Needed complete CASB for enterprise-wide migration to SaaS ■ Security for Office 365 ■ Encryption of data-at-rest in Salesforce solution ■ Searchable true encryption of data in Salesforce ■ Real-time inline DLP on any device (Citadel) ■ Contextual access control on managed & unmanaged devices (Omni) ■ API control in the cloud ■ Discover breach & Shadow IT financial services client
  18. 18. STORYBOAR our mission total data protection est. jan 2013 200+ customer s tier 1 VCs
  19. 19. resources: more info about office 365 security ■ whitepaper: definitive guide to casbs ■ case study: fortune 100 healthcare firm secures o365 ■ video: securing office 365
  20. 20. STORYBOAR @bitglass