Cloud Security

It’s Not Black and White

Nigel Hawthorn, EMEA Spokesperson

nigel_hawthorn@mcafee.com +44 7801 487987 @wheresnigel

2McAFEE CONFIDENTIAL

SaaS

Cloud—Shared Responsibility Model

SaaSPaaSIaaS

Service Provider Responsibility

Customer Responsibility

IaaS

3McAFEE CONFIDENTIAL

McAfee Comprehensive Cloud Shared Responsibility Model

Data Classification & Accountability

Client & End-Point Protection

Identity & Access Management

Application Level Controls

Network Control

Host Infrastructure

Physical Security

SaaSPaaSIaaS

100% Service Provider Responsibility

Service Provider feature,

customer configuration

Customer Responsibility

User Responsibility

User/Device/Data control

Collaboration behavior

4McAFEE CONFIDENTIAL

Data Taken From Two Reports

http://bit.ly/NavCloudSky

Published April 2018 – Survey Results Published October 2018 – Real Life Data

http://bit.ly/mcafeecarr

5McAFEE CONFIDENTIAL

How Many Cloud Services Are We Using?

0

5

10

15

20

25

30

35

2013 2014 2015 2016 2017 2018

Estimated

6McAFEE CONFIDENTIAL

Average Number of Cloud Services in Use

0

500

1000

1500

2000

2500

2013 2014 2015 2016 2017 2018

90% ?

5% High Risk

5% Low Risk

7McAFEE CONFIDENTIAL

What are you most concerned about?

◆ Security/regulatory requirements

◆ Collaborative nature of cloud

◆ Lack of Visibility, multiple clouds

◆ Increasing external/internal threats targeting cloud

◆ Well intentioned employee error

◆ Cloud providers’ access to sensitive data

9McAFEE CONFIDENTIAL

10McAFEE CONFIDENTIAL

Did We Just Push Our Users Here?

11McAFEE CONFIDENTIAL

Security Controls Vary by Provider

12McAFEE CONFIDENTIAL

Salesforce

Office 365

Google Docs

Slack

AWS

Custom Apps

Box

ServiceNow

High-

Risk

Shadow

Med/Low-

Risk

Shadow

31%

13%

11%

16%

8%

5%5%

7%

2%

2%

Where is enterprise sensitive data in the cloud?

13McAFEE CONFIDENTIAL

File Sharing In The Cloud

%age of files shared in the cloud%age of cloud users sharing files

14McAFEE CONFIDENTIAL

Who We Share Cloud Data With (externally)

15McAFEE CONFIDENTIAL

Data Exposures in SaaS—Knock Knock

McAfee Discovers Knock Knock

Hacker Exploiting Compromised Admin

Account to hack into Office 365

16McAFEE CONFIDENTIAL

17McAFEE CONFIDENTIAL

Security Controls Vary by Provider (2)

18McAFEE CONFIDENTIAL

IaaS and Custom Apps Fastest Growing Segment of Cloud

464 Custom

Apps

IaaS

38.4% CAGR

SaaS

20.3% CAGR

Source: Gartner

19McAFEE CONFIDENTIAL

How Secure Is The Cloud?

20McAFEE CONFIDENTIAL

Data Exposures in IaaS—Ghost Writer

McAfee Discovers Ghost Writer – S3 Buckets Configured for Write

Access open up Customers to Major Vulnerabilities

21McAFEE CONFIDENTIAL

22McAFEE CONFIDENTIAL

23McAFEE CONFIDENTIAL

Cloud to Cloud Traffic

24McAFEE CONFIDENTIAL

Read the EULA

25McAFEE CONFIDENTIAL

Who’s Responsibility Is Cloud Security?

“Through 2022,

95% of cloud

security failures

will be the

customer’s fault”

26McAFEE CONFIDENTIAL

Network security fails to protect all data in the cloud & mobile era

Data created natively

in cloud is invisible to

network security

Data uploaded to

cloud from mobile is

invisible to network

security

50% of cloud traffic is

cloud-to-cloud and

invisible to network

security

27McAFEE CONFIDENTIAL

Cloud Context

This Can Be Hard – We Need Context

Unmanaged Devices

SaaS

IaaS/PaaS

Apps: Name, Configuration, Posture, Risk

Workloads: Details, Location, Posture

Data: Classification, Tagging, Metadata

Users: Role, Activity, Collaborators

Activities: Access, Read, Write, Download, Upload…

Device: Managed, Unmanaged

Location: Where, When

MVISION Cloud

Cloud Configuration:Audit Trail, Threat Modelling

High Risk Sites:Visibility & Blocking / Coaching

User Behavior:Collaboration Controls / Coaching

Shadow Cloud Usage:Visibility, Control & Integration with SSO

Reduce Risk of Getting it Wrong:Forensic Activity Logging

Unmanaged Devices:Access Policies / DRM / Encryption

Rogue User Activity / Lost Credentials:User Behaviour Analytics& Policies

Confidential Data Sharing:DLP Policies, Access Policies,DRM, Encryption

29McAFEE CONFIDENTIAL

MVISION Cloud: Cloud Access Security Broker

SaaS

IaaS/PaaS

MVISION Cloud

No User Friction

No new agents

API & proxy control

Complete Visibility

and Unified Policies

Across Multiple Cloud

Services

Real Time

Complete Coverage▪ Data at rest

▪ Data uploaded/downloaded

▪ Data created in cloud

▪ Shared Cloud-to-cloud

30McAFEE CONFIDENTIAL

More Information Available In Analyst Reports

NOTE: As of January 2018, Skyhigh Networks is the now part of McAfee.

Thank You

+44 7801 487987

@wheresnigel

Nigel_hawthorn@mcafee.com

McAfee, the McAfee logo and [insert <other relevant McAfee Names>] are trademarks or registered trademarks of McAfee, LLC or its subsidiaries in the U.S. and/or other countries.

Other names and brands may be claimed as the property of others.

Copyright © 2019 McAfee, LLC.