let’s talk about the current situation that has fueled Netskope’s entry into the market.
• Let’s face it. The way people work has changed. It wasn’t too long ago that users and the services they were accessing were contained within the network perimeter, within the walls of data centers and branch offices.
• but Today users are everywhere, connecting from different devices and different places, and they are also accessing cloud services, which is fueled by the need to collaborate more effectively.
• This new way that people work has presented a challenging scenario where more than a 1/3 of a company’s data is now in the cloud.
So This new way that people work is causing a fundamental shift in the underlying technology that is needed to secure it.
• Starting with the language of the cloud. Legacy tools were built at a time when simply looking at web traffic was good enough. Today’s cloud services speak a different language and that is the language of APIs.
• As we mentioned earlier, users are everywhere. In fact more than 50% of users access cloud services beyond your network so legacy perimeter security tools miss this traffic altogether.
• additionally, Users are also accessing the cloud from sync clients and native apps so legacy tools that look at browser traffic only are missing a big portion of traffic.
• In fact, there is a recent trend tied to automatically syncing all user data from their desktop to the cloud. Google and Apple are examples of this and there is no control over what type of data to sync or not.
• And then there is the rise of cloud-based threats such as data exfiltration taking place from IT-led cloud services like Office 365 to personal cloud apps. There is also a growing concern over advanced malware like ransomware, that uses a combination of the cloud and web to spread and infect victims.
• The net-net is that only by understanding all of these things can you gather data rich enough to solve today’s cloud security use cases.
Legacy security solutions were not architected to deal with today’s environment. This presents a major security gap.
• Speaking of security gaps, it is interesting to take a look at how legacy security tools once disrupted a market segment when they were first introduced, and how the nature of how they deal with threats, access patterns and language have evolved over time.
,
• Starting with the early firewall, inspecting packets on campus and branch networks allowed the right access based on IP and ports.
• That was followed by Web proxies focused on HTTP and governing access for users on campus and branch offices accessing websites and looking for threats using signature-based detection.
• Then came along Next-gen firewalls that performed packet inspection allowing blocking based on app, not just ports, for users consuming apps while on-premises and VPN.
• The cloud has presented a new set of requirements tied to dealing with traffic outside of the perimeter. This includes using a combination of flexible deployment options to cover users when on or off network as well as access methods that include; browsers, mobile apps, desktop apps, and sync clients.
• Getting access to today’s cloud traffic outside the perimeter is only the first step, you also need to understand the language of the cloud in context, which is APIs and JSON.
• Netskope is the security platform that was architected for the way people work today. Only Netskope understands the language of the cloud, covers all access patterns, and protects against cloud-based threats
So Several years ago, Gartner identified gaps that existed in the security stack and came up with a category they call Cloud Access Security Broker or CASB for short. Gartner identifies four pillars of functionality. Visibility, Compliance, Data Security, and Threat Protection. • as you can imagine, Visibility is often the starting point for any organization beginning their cloud journey and it is all about understanding cloud usage and assessing risk
• Compliance is a key consideration when it comes to the cloud. Whether your are a healthcare organization and worried about PHI, a retail company and worried about PCI, or a financial firm worried about FINRA or SOX, compliance in the cloud takes on a different set of requirements compared to traditional on-premises infrastructure
• Data security is top-of mind for any organization and protecting data tied to cloud usage should be a key focus of any CASB
• Last, but not least, is threat protection. It turns out that the cloud presents a perfect opportunity for various strains of malware like ransomware to hide and spread rapidly to unsuspecting victims
• so Gartner is very bullish about the CASB category and in fact they put CASB on their top 10 list of cyber security technologies.
Filling in the gaps that legacy security tools don’t provide for the cloud is top of mind for Gartner and enterprises around the world.
Lets introduce you to Netskope
• Netskope has something really special in place with a great team, innovative technology, and a shared vision to be an iconic security company for many years to come
• Netskope is backed by the top investors in the world and have raised more than $250 million to date
- Much of that investment has gone into R&D and the result is an innovative architecture with 45+ patents with 100s of patents pending
• Netskope is also the most awarded CASB. From recognition of our cloud DLP capabilities to recognition of the company’s overall success
• What Netskope is most proud of, are our customers, which we call cloud trailblazers. The largest enterprises in the world trust Netskope to safely enable the cloud.
• With the backdrop of “you need a security platform that was architected for the way people work today”, I would like to introduce you to the Netskope Active Platform
• now Let’s start with how Netskope is deployed in your environment. There are two primary deployment methods.
The first one is an inline proxy. Netskope can act like a control point between your users and the sanctioned and unsanctioned cloud services they are accessing, providing real-time visibility and control.
• There are several proxy deployment methods
an agent-less forward proxy that steers on-premises users to the cloud,
a reverse proxy deployment that enables you to secure unmanaged devices
to a client deployment that can be installed on Mac, PC, iOS, and Android to give you coverage for mobile and remote users.
• In addition to providing real-time visibility and control via an inline proxy method, Netskope can also be deployed via an API connection to sanctioned cloud services.
You simply grant Netskope access to your sanctioned cloud service using OAUTH and you can then provide out-of-band visibility and control.
-O365 is one of the primary API based cloud apps
• now This method enables you to inspect content repositories of sanctioned cloud services like OneDrive and Box for sensitive data and malware, and put near real-time policies in place such as “restrict shares to private” or “remove public shares”.
• Most Netskope customers combine both methods to expand use cases.
• Now that you have Netskope acting as a control point between users and their cloud services, this is where Netskope provides a rich set of cloud security capabilities.
Think of Netskope not as a piece of software, or as a security tool, but more as a cloud security platform that delivers a variety of security services on the cloud traffic, that it can now see thanks to the deployment options.
• From Discovery, to DLP, to threat protection, to access control, these services were built to help you safely enable the cloud in a way that legacy security products and services can not.
• now The center-piece of the Netskope Active Platform is the Netskope Context Engine.
This enables granular visibility and control of thousands of sanctioned and unsanctioned cloud services.
Only Netskope understands the language of the cloud, and the Netskope Context Engine is the interpreter that makes that possible.
So lets turn to use cases;
• Getting access to a rich set of cloud security services is the first step. Applying those services within the scope of your cloud security strategy is an important next step. Netskope was architected to comprehensively cover your cloud security use cases.
• One of the ways many of our customers approach cloud security is via three phases. The first phase is to use Netskope to discover cloud services in use and assess risk. This is often the starting point for any organization.
<Build>
• so In this example, we have discovered 1,000 cloud services, which is typical for an average enterprise. The next step is optionally followed by identifying and blocking the most risky cloud services. Some of our customers opt to not block anything, and move to applying granular controls to everything instead.
• In this example, let’s say you identify that nearly a third of the cloud services you discover are identified as very risky and you want to block them. This step involves blocking 300 cloud services and using Netskope to implement automated coaching workflows to coach users towards more safe cloud services.
<Build>
• The next step for many customers is to safely enable sanctioned cloud services. These are the cloud services that you have admin access to so – Apps like Office 365, Salesforce, ServiceNow, and others. This is the opportunity to harness the power of the Netskope Active Platform and apply various cloud security services such as access control, granular policies, DLP, encryption, and threat protection.
• Netskope research shows that 5% or less of an enterprise’s cloud services are sanctioned, so in this example, let’s say we have 50 of these sanctioned cloud services that we want to apply cloud security to.
• What’s interesting is that when the CASB market started, these were the primary 2 steps that solutions were architected around. These are important steps, but there is one step that is missing.
<build>
• So In our example, what about the 650 cloud services that are unsanctioned, but we don’t necessarily want to block?
Users rely on these cloud services to be more productive, and get their job done.
We want to permit their use, but we also want to make sure this is a safe environment for users.
• This is one of the key areas that separates Netskope from other CASBs.
Netskope’s unique architecture that understands the language of the cloud, with the ability to perform granular policy control and DLP on thousands of cloud services, means that you can apply the same level of cloud security services to unsanctioned as you can for sanctioned.
• Other CASBs actually force you into a coarse-grained allow or block decision for unsanctioned cloud services because they don’t understand the language of unsanctioned cloud services.
• Again, Netskope was uniquely architected to safely enable both sanctioned and unsanctioned cloud services, enabling you to address the requirements tied to a comprehensive cloud security strategy.
So why are the largest enterprises in the world choosing Netskope?
• It really comes down to four primary reasons
First, Netskope is the only CASB that can address use cases tied to safely enabling unsanctioned or Shadow IT cloud services.
Other CASBs cannot address this use case because they were not architected with the ability to provide granular visibility and control of thousands of cloud services
Their DLP is limited to dozens of apps, not the thousands required to adequately protect against sensitive data loss in unsanctioned cloud services
They don’t understand the language of the cloud. They can’t differentiate between corporate and personal instances of cloud apps and don’t have a policy engine that can adequately deal with thousands of cloud services with support for category-level policies with both allow and block actions.
Next is Netskope’s award-winning cloud DLP. Protecting against sensitive data loss in the cloud is a big use case, and Netskope’s DLP is far ahead of the competition when it comes to breadth of app coverage and accuracy of inspection results.
Netskope also provides the most comprehensive cloud-specific threat protection.
Backed by the Netskope Threat Research labs, our ability to find and stop various strains of malware like ransomware in the cloud, and even help you remediate post infection, separates netskope from other CASBs that provide rudimentary threat protection capabilities.
Last, but certainly not least is our ability to comprehensively cover customer use cases in a way that other CASBs simply cannot.
Our platform was architected with flexible deployment options that enable you to optionally take a crawl-walk-run approach to cloud security, and start with Discovery or a friction-less deployment like API Introspection. • You can then grow into a more advanced deployment method, and go inline using a number of configurations to achieve real-time visibility and control.
The net result is that we are architected to uniquely cover your use cases, today and tomorrow.
In summary you have learned;
you need a security platform that can solve today’s cloud security use cases
How important the CASB category is.
How Netskope is a leader in this fast growing market.