5 highest-impact casb use cases - office 365
Post on 16-Apr-2017
763 Views
Preview:
TRANSCRIPT
Netskope © 2015, Optiv Security Inc. © 2015 2
“By 2017, organizations that have made a strategic decision to invest in cloud applications for mission-critical workloads will consider CASBs to be an essential security
control.”
© 2016 Netskope. All Rights Reserved.
3© 2016 Netskope. All Rights Reserved.
What is a Cloud Access Security Broker?
• Defined by Gartner in 2012;• Cloud-based or on-premises;• Sits between user and cloud app;• Visibility and control of cloud apps as
they are accessed;• Example policies: Authorization,
encryption, tokenization, logging, alerting, authentication
4© 2016 Netskope. All Rights Reserved.
Gartner’s Four Pillars of CASB
VISIBILITY
DATA SECURITY
COMPLIANCE
THREAT PROTECTION
© 2016 Netskope. All Rights Reserved. 7
917 Apps Per Enterprise – It’s Easy to Buy and Use Them!
10%
70%
20%
Mos
tly U
nsan
ctio
ned
San
ctio
ned
IT-led
Business-led
User-led
Data Breaches
Failed Audits =Fines, Penalties
Loss or Theft of IPor Sensitive Data
Loss of Reputation, Business Disruption
© 2016 Netskope. All Rights Reserved. 9
© 2016 Netskope. Company Confidential 10
Four ways users interact with Office 365
WebBrowser
MobileApp
AppEcosystem
SyncClient
© 2016 Netskope. Company Confidential 11
Safe cloud enablement starts with covering all sources
Browser
SyncClient
MobileApp
AppEcosystem
• Are risky activities taking place?
• Is sensitive data leaking? Where?
• Do users with unmanaged devices have the same level of access as users with managed devices?
• What is your exposure to threats such as malware or ransomware?
Use Case #1Find sensitive data in OneDrive and
SharePoint
Prevent sensitive data leakage in
Office 365 and to app ecosystem
14
1. API connection to enable eDiscovery of content in OneDrive and SharePoint
2. Inline deployment with ability to decode traffic to get real-time visibility and control over activities in Office 365 suite
3. Ability to associate personal and corporate cloud app account credentials
4. Ability to cover web browsers, OneDrive sync client, Office mobile apps, and apps in O365 ecosystem
5. Cloud DLP engine to identify sensitive content in and enroute to and from O365
CASB Requirements
16
1. Inline deployment options to get access to Outlook.com traffic in real-time
2. Ability to decode details in real-time about activity and data connected to Outlook.com
3. Cloud DLP engine to identify sensitive content being sent in Outlook.com email body and attachments
4. Ability to cover both web browsers and mobile apps
CASB Requirements
Netskope © 2015, Optiv Security Inc. © 2015
Use Case #3Provide granular access control to
Office 365 for managed and
unmanaged devices
18
1. Ability to classify managed vs. unmanaged devices
2. Ability to set granular policies based on device classification
3. E.g. “only allow full Outlook access for managed devices and force OWA for unmanaged”
CASB Requirements
Use Case #4Find data exfiltration going from Office 365 to unsanctioned apps
Source: AT&T Cybersecurity Insights
20
1. Inline deployment options to get access to both Office 365 and unsanctioned cloud traffic
2. Ability to decode details in real-time about activity and data
3. Ability to correlate events and perform anomaly detection
4. Need to see cloud usage details from browsers, OneDrive sync clients, and Office 365 mobile apps
CASB Requirements
22
1. Ability to scan SharePoint sites and OneDrive for various malware types and quarantine the malware
2. Ability to replace the eradicated malware with a tombstone file, letting the user know of the action taken
CASB Requirements
Netskope © 2015, Optiv Security Inc. © 2015
5: Find malware in OneDrive and SharePoint and quarantine it
3: Provide granular access control to Office 365 for managed and unmanaged devices
2: Prevent sensitive data leakage via Outlook.com email
4: Find data exfiltration going from Office 365 to unsanctioned apps
1: Find sensitive data in OneDrive and SharePoint and prevent sensitive data leakage in Office 365 and to app ecosystem
top related