Cloud Security
It’s Not Black and White
Nigel Hawthorn, EMEA Spokesperson
[email protected] +44 7801 487987 @wheresnigel
2McAFEE CONFIDENTIAL
Cloud—Shared Responsibility Model
SaaS / PaaS / IaaS
Service Provider Responsibility
Customer Responsibility
McAfee Comprehensive Cloud Shared Responsibility Model
Data Classification & Accountability
Client & End-Point Protection
Identity & Access Management
Application Level Controls
Network Control
Host Infrastructure
Physical Security
SaaS / PaaS / IaaS
100% Service Provider Responsibility
Service Provider feature, customer configuration
Customer Responsibility
User Responsibility
User/Device/Data control
Collaboration behavior
Data Taken From Two Reports
Published April 2018 – Survey Results: http://bit.ly/NavCloudSky
Published October 2018 – Real Life Data: http://bit.ly/mcafeecarr
How Many Cloud Services Are We Using?
[Chart: values by year, 2013 to 2018, marked "Estimated"]
Average Number of Cloud Services in Use
[Chart: average number of cloud services in use by year, 2013 to 2018]
90% ?
5% High Risk
5% Low Risk
What are you most concerned about?
◆ Security/regulatory requirements
◆ Collaborative nature of cloud
◆ Lack of Visibility, multiple clouds
◆ Increasing external/internal threats targeting cloud
◆ Well intentioned employee error
◆ Cloud providers’ access to sensitive data
Did We Just Push Our Users Here?
Security Controls Vary by Provider
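Where is enterprise sensitive data in the cloud?
[Pie chart. Segments: Salesforce, Office 365, Google Docs, Slack, AWS, Custom Apps, Box, ServiceNow, High-Risk Shadow, Med/Low-Risk Shadow. Segment values, in extraction order and not matched to labels: 31%, 13%, 11%, 16%, 8%, 5%, 5%, 7%, 2%, 2%.]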
File Sharing In The Cloud
Percentage of files shared in the cloud
Percentage of cloud users sharing files
Who We Share Cloud Data With (externally)
Data Exposures in SaaS—Knock Knock
McAfee Discovers Knock Knock
Hacker Exploiting Compromised Admin Account to hack into Office 365
Security Controls Vary by Provider (2)
IaaS and Custom Apps Fastest Growing Segment of Cloud
464 Custom Apps
IaaS: 38.4% CAGR
SaaS: 20.3% CAGR
Source: Gartner
How Secure Is The Cloud?
Data Exposures in IaaS—Ghost Writer
McAfee Discovers Ghost Writer – S3 Buckets Configured for Write Access open up Customers to Major Vulnerabilities
Cloud to Cloud Traffic
Read the EULA
Whose Responsibility Is Cloud Security?
“Through 2022, 95% of cloud security failures will be the customer’s fault”
Network security fails to protect all data in the cloud & mobile era
Data created natively in cloud is invisible to network security
Data uploaded to cloud from mobile is invisible to network security
50% of cloud traffic is cloud-to-cloud and invisible to network security
Cloud Context
This Can Be Hard – We Need Context
Unmanaged Devices
SaaS
IaaS/PaaS
Apps: Name, Configuration, Posture, Risk
Workloads: Details, Location, Posture
Data: Classification, Tagging, Metadata
Users: Role, Activity, Collaborators
Activities: Access, Read, Write, Download, Upload…
Device: Managed, Unmanaged
Location: Where, When
MVISION Cloud
Cloud Configuration: Audit Trail, Threat Modelling
High Risk Sites: Visibility & Blocking / Coaching
User Behavior: Collaboration Controls / Coaching
Shadow Cloud Usage: Visibility, Control & Integration with SSO
Reduce Risk of Getting it Wrong: Forensic Activity Logging
Unmanaged Devices: Access Policies / DRM / Encryption
Rogue User Activity / Lost Credentials: User Behaviour Analytics & Policies
Confidential Data Sharing: DLP Policies, Access Policies, DRM, Encryption
MVISION Cloud: Cloud Access Security Broker
SaaS
IaaS/PaaS
MVISION Cloud
No User Friction
No new agents
API & proxy control
Complete Visibility and Unified Policies Across Multiple Cloud Services
Real Time
Complete Coverage
▪ Data at rest
▪ Data uploaded/downloaded
▪ Data created in cloud
▪ Shared Cloud-to-cloud
More Information Available In Analyst Reports
NOTE: As of January 2018, Skyhigh Networks is now part of McAfee.
McAfee, the McAfee logo and [insert <other relevant McAfee Names>] are trademarks or registered trademarks of McAfee, LLC or its subsidiaries in the U.S. and/or other countries.
Other names and brands may be claimed as the property of others.
Copyright © 2019 McAfee, LLC.