webinarapr 13
2016
4 essential components of
o365 security
poll:what is your
biggest concern with moving to
o365?
STORYBOARDS
office 365 is the leading SaaS productivity suite:market share has tripled year over year
2014 2015
google apps office 365
other
16.3%
7.7%
76%
22.8%
25.2%52%
STORYBOARDS
enterprises face a security balancing act:maintaining security/control while empowering users
■ visibility / control
■ restricting access to data on unmanaged devices
■ preventing account hacking
■ controlling external sharing
STORYBOARDS
the traditional approach to
security is inadequate
STORYBOARDS
native security features can’t be relied upon:the data blind spot
components
usage/consumption
data
application
services
servers & storage
network
layer
data
application
infrastructure
owner
enterprise
poll:what are your
CASB deployment plans?
STORYBOARDS
4 essential components of o365 security
identity
cloud
access
mobile
STORYBOARDS
casb security:a data-centric approach
o365 requires a new security architecture
■ cross-device, cross-platform agentless
data security
■ real-time protection■ limit high-risk activities like external file
sharing
■ detailed logging for compliance and audit
STORYBOARDS
access:protect data across all devices, managed and unmanaged
■ granular access controls based on context (e.g. device type, user, geo)
■ redact, encrypt, or watermark sensitive content with Citadel DLP
■ apply DLP to files on download
STORYBOARDS
mobile:protect data across all devices, managed and unmanaged
■ secure unmanaged devices with an agentless solution
■ enable access to frequently used native apps
■ enforce mobile device protection policies on byod
STORYBOARDS
identity:centralized identity management is key in securing data
■ cloud app identity management should
maintain the best practices of on-prem
identity
■ limit potential breaches with contextual
multi-factor auth for high risk logins
STORYBOARDS
managed devices
application access access control data protection
unmanaged devices / byod
in the cloud
Forward ProxyActiveSync Proxy
Device Profile: Pass● Email● Browser● OneDrive Sync
● Full Access
Reverse Proxy + AJAX VMActiveSync Proxy
● DLP/DRM/encryption ● Device controls
API Control External Sharing Blocked● Block external shares● Alert on DLP events
Device Profile: Fail● Mobile Email● Browser● Contextual multi-factor auth
o365 use case:only CASB with real-time data protection on any device
STORYBOARDS
secure office 365
+ byod
challenge:
■ Inadequate native O365 security■ Controlled access from any device■ Limit external sharing
■ Interoperable with existing infrastructure, e.g. Bluecoat, ADFS
solution:
■ Real-time data visibility and control powered by Citadel
■ DLP policy enforcement at upload or download
■ Quarantine externally-shared sensitive files in cloud
■ Controlled unmanaged device access via Omni
fortune 100 healthcare firm
STORYBOARDS
secure office 365
challenge:
■ Inadequate native O365 security■ Protection of sensitive creative files■ Prevention of data leakage
solution:
■ Real-time visibility and control over file sharing, powered by Citadel
■ Restricted access from unmanaged devices
■ Integrated identity/SSO
global ad agency
STORYBOARDS
our mission
total data
protection
STORYBOARDS
download the full cloud adoption report
Office 365 adoption is growing rapidly, now ahead of all other SaaS apps
download the report
resources:more info about office 365 security
■ definitive guide to o365 security
■ case study: ad agency secures o365
■ glass class: office 365
STORYBOARDS
bitglass.com@bitglass