Embed Size (px)
Citation preview
SECURING REMOTE COLLABORATIONwith Slack and Microsoft Teams
BRIEF | CASB+ for with Slack and Microsoft Teams
© 2020 CipherCloud, Inc. All rights reserved Page: 2
Overview
Features
Secure Remote Collaboration with CipherCloud CASB+ Cloud Security Controls
The current unprecedented shift to remote working envi-ronments due to COVID-19 has challenged organizations to adopt cloud-based collaboration tools to maintain business continuity. This has brought two very popular workplace collaboration apps to the center stage - Slack and Microsoft Teams. Both these apps allow online communication and re-al-time information sharing, keeping the remote workforce connected and productive. While organizations are still adapting to this new work-from-home norm, they also need to focus on an equally serious topic - how to ensure data protection and compliance in a remote work environment?
CipherCloud CASB+ enables secure collaboration with-in Slack and Teams with granular file-sharing controls and stateful inspection of data and application. In-depth visibili-ty into the content, data classification and context-sensitive controls allow users to collaborate freely. CASB+ end-to-end data protection, advanced threat protection, and com-prehensive compliance capabilities ensure confidential and sensitive data is protected at all locations - in the cloud and on the user devices. The CASB+ capabilities enable you to adopt cloud apps with the confidence of keeping control and knowing your data will always be protected.
The agent-less architecture of CASB+ ensures quick, fric-tionless deployment, delivering full CASB functionality without any resource-intensive installation of agents and expensive upkeep.
Deep Visibility
CipherCloud CASB+ provides deep visibility into cloud col-laboration apps. This lets you better understand how data is being shared by Slack and Teams users. This visibility also helps you identify and protect sensitive and private regulat-ed data to prevent accidental disclosure or exposure
Achieve full visibility and security for users, devic-es, links and data usage in Slack, Teams and other messaging applications.
Powerful user behavior analytics to detect bad be-havior by users, devices or applications and imme-diately remediate, mitigate or isolate the threat.
Identify and protect from malicious activity by verified cloud users.
Identify and prevent sensitive data shares such as intellectual property, GDPR, CCPA, or any PII such as medical, social security or credit card informa-tion.
Safely collaborate from remote work locations using personal devices, without the fear of data leaks, data loss or malware infections.
Single pane-of-glass view for email security, col-laboration and infrastructure to view and moni-tor system and user activity.
Shadow IT Discovery provides a clear picture of the risky clouds in use by scanning over 20,000 cloud applications and analyzing over 60 attri-butes to calculate the cloud risk score.
Deep Application Intelligence secures all major application activities, and not just data upload and downloads. CASB+ discovers and differenti-ates between different application instances in use to manage external collaboration and pre-vent open shares to secure files and folders in real-time.
Cloud Data Discovery (CDD) allows organiza-tions to discover and classify data already stored in leading SaaS applications.
User and Entity Behavior Analytics (UEBA) uses machine learning to monitor user activity, includ-ing the time of day of activity, attempts at bulk file download, and other anomalous behavior. UEBA can make real-time decisions to flag unusu-al activity or block it based upon variation from normal patterns. For example, identifying and preventing an employee to download unusually large amounts of documents at odd hours of the day.
BRIEF | CASB+ for with Slack and Microsoft Teams
© 2020 CipherCloud, Inc. All rights reserved Page: 3
Adaptive Cloud Control
CipherCloud CASB+ identifies and protects from unautho-rized account access with zero trust cloud security controls, delivering end-to-end user and data security from any de-vice, application, user or location
Integration with IDaaS solutions, such as Okta, to verify the user-integrity and control access at the door with Single Sign-On (SSO) and Multi-Factor Authentication (MFA).
Continuous risk assessment of verified users with Adaptive Access Controls (AAC), blocking access, even to what appear to be authorized users, based upon access context that includes, platforms used, time of day, originating location, and more that might suggest the theft, compromise of authen-tication credentials, or a sophisticated cyber-at-tack. For example, if someone attempts to log in using your credentials from Shanghai, China, one hour after you have logged in from Detroit, Mich-igan, AAC would immediately identify and stop this activity.
Powerful Data Privacy and Protection
CipherCloud CASB+ provides industry-leading Data Loss Prevention (DLP), end-to-end Zero Trust encryption, and comprehensive key management to restrict the access to sensitive content in the cloud and prevent data leaks, theft of intellectual property and compliance failure. Our state-of-the-art data protection support that includes data classi-fication, information rights management and secure offline data access is made available through a single, scalable plat-form, simplifying new cloud on-boarding and streamlining the workflow for creating data protection policies.
Deep content scanning with Data Loss Preven-tion (DLP) policies to protect sensitive content through data classification, encryption, masking, watermarking, quarantining or deleting. CASB+ prevents the upload of sensitive and regulated content defined as containing PII, PCI, PHI or oth-er sensitive or confidential material. This content can also be encrypted on the fly during the upload to ensure that it is compliant and protected.
CASB+ expands DLP monitoring with addition-al standard DLP templates, including driver’s li-censes, passport numbers, IP and MAC addresses, email, EIN, and VIN. You can also integrate CASB+ with your existing enterprise DLP products so that policies can be applied consistently across your enterprise, further preserving your security in-vestments.
Zero Trust encryption protects data no matter where it is — “at rest,” in-network transit, in the cloud application layers (API, middleware, mem-ory), and in use. CipherCloud FIPS 140-2 certified data protection capabilities meet all global compli-ance regulations and provides the highest levels of cyber threat protection, preventing the most com-plex threats and attacks such as API-based attacks that target encrypted data. Furthermore, the data encryption keys are retained only by you and are never shared with the cloud provider.
Native Information Rights Management (IRM) se-cures offline data access, protecting the data that gets downloaded from the cloud applications to users’ devices. IRM defines what devices should be allowed to access the data (for example, users cannot use personal devices to access sensitive data). In the event that downloaded data needs to be protected from the misuse, administrators have the ability to retract access to the data, even if it was downloaded and copied to another device. CipherCloud CASB+ is also integrated with major third-party IRM packages such as Microsoft’s.
CipherCloud device management is integrated with VMWare Airwatch to define policies to al-low the restriction of use and the download of data to BYO devices, corporate-owned personal-ly enabled devices, or corporate-owned business only devices. This helps in supporting internal and external collaborators, remote, real-time key re-vocation for lost or compromised devices, mobile and endpoint apps enabling file decryption by an authorized user.
Optical Character Recognition (OCR) enables CASB+ to detect sensitive information in image files that have been uploaded to the cloud. OCR protection can also be applied to files that include images; for example, a PDF or a Microsoft Word file.
BRIEF | CASB+ for with Slack and Microsoft Teams
© 2020 CipherCloud, Inc. All rights reserved Page: 4
Zero-Day Threat Prevention
CipherCloud CASB+ brings advanced protection to identify and stop malicious content shared through Slack or Teams. This protection includes capabilities such as virus/malware protection and cloud security posture management.
Virus/Malware (AVAM) protection can defend against viruses, malware, and ransomware to help keep Box data safe. URL link protection and on-premise sandbox integration enable us to dis-cover and remediate even the most challenging Zero-Day threats. For example, AVAM can detect and isolate an infected document before the mal-ware spreads across your cloud documents.
Cloud Security Posture Management (CSPM) performs an automated assessment of your SaaS and IaaS clouds’ security posture, including Mic-rosoft Office 365 suite, Microsoft Azure, Amazon Web Services and Google Cloud Platform. CSPM reduces the operational complexity through a centralized security solution for all cloud services and infrastructure, prevents data loss due to mis-configurations, and ensures the latest compliance guidelines – GDPR, CCPA, HIPAA, PCI, are ad-hered to.
Centralized Compliance
CipherCloud CASB+ enables Slack and Teams to be compli-ant with a broad mix of current and pending global privacy and compliance regulations. This includes the controls nec-essary to support cloud-based applications under PCI, PII, HIPAA, General Data Protection Regulation (GDPR), Cali-fornia Data Privacy Act (CCPA), and many more
Each country may have different compliance controls for data privacy, data protection, data sovereignty, and data residency. Our hybrid de-ployment allows any multinational enterprise to manage one integrated secure deployment for key cloud applications across multiple countries with controls and key management configurable to address a broad variety of differing regulatory requirements.
CASB+ supports the processing of personal data of residents within that country or region, complying with the data residency laws of the host nation. This allows global organizations to adopt cloud applications, without worrying about additional security controls for data protection.
Leveraging Existing Investments
The CipherCloud platform allows integration with existing enterprise security solutions to optimize existing invest-ments including EDLP, SSO, and Antivirus/Antimalware solutions, to name a few. Customers can also integrate with existing SIEM solutions as well as consume data from enter-prise firewalls and proxies to provide additional visibility on all clouds in use, including non-approved SaaS applications (Shadow IT). CASB+ Enterprise Integration includes support for external DLPs such as Symantec, mobile device manage-ment (MDM) systems such as Airwatch, Single Sign-On solu-tions such as Okta, Sandbox engines such as Juniper SkyATP, and more. CASB+ also includes a first-class integration with Azure Information Protection to leverage your other cloud data protection capabilities. Integration with Antivirus/An-timalware (AVAM) solution provides additional detail for de-tection of many types of malware such as zero-day threats, viruses, spyware, ransomware, worms, and bots, and ensures that any additional files uploaded to the cloud are protected from carrying malicious content that can affect the rest of the collaborators.
The Largest Multinationals in the World Use CipherCloud
5 of the Top U.S. Banks
6 of the Top Banks Worldwide
3 of the Top 10 Insurance Firms
3 of the Top 10 U.S. Health Care Firms
3 of the Top 10 Pharmaceutical Firms
2 of the Largest Telecommunication Firms
Government agencies in the United States, United Kingdom, Canada, Australia and beyond
BRIEF | CASB+ for with Slack and Microsoft Teams
© 2020 CipherCloud, Inc. All rights reserved Page: 5
About CipherCloud
CipherCloud introduced the first CASB solution to the market in 2011 and continues to reshape the cloud security market. CipherCloud’s rec-ognized data protection expertise forms the foundation for the industry’s only zero-trust CASB solution, providing seamless zero-trust security across all clouds with unified policies, trusted data protection, and auto-mated compliance for the cloud-mobile era. CipherCloud is a winner of the Best Cloud Security Product of the Year by SC Magazine, the Leading Vi-sionary in Gartner’s 2018 CASB Magic Quadrant, and the Overall Leader in the KuppingerCole CASB Leadership Compass two years in a row. The world’s largest global enterprises and government institutions in over 25 countries protect and secure their cloud information with CipherCloud. CipherCloud is backed by Andreessen Horowitz, Transamerica Ventures, Delta Partners and T-Venture, the venture capital arm of Deutsche Tele-kom. For more information, visit www.ciphercloud.com and follow us on Twitter @ciphercloud.
