Upload
centralohioissa
View
829
Download
2
Embed Size (px)
Citation preview
No TradeoffsCloud Security and Privacy
Don’t Need
To Be at Odds
Jervis Hui, Product Marketing Manager
There are 10,000 enterprise
apps today (and growing).
© 2015 Netskope. All Rights Reserved. 3
Actual:
917
IT estimate:
40-50
IT is blind to 90%
of cloud apps
>90% of apps are not
enterprise-ready
App Redundancy:
• 62 Marketing
• 37 Collaboration
• 28 HR
• 34 Finance
• 27 Productivity
• 23 Cloud StorageImpacts
CISO, CIO, and CFO
© 2015 Netskope. All Rights Reserved.
How Do Cloud Apps Get In?
4
IT-led
Business-led
User-led
10%
70%
20%
Mostly
Unsanctioned
Sanctioned
5
apps
• 917+ cloud apps
per enterprise
• 94% are not
enterprise-readyusers
• Malicious or
non- intentional
• 15% of corporate
users have had their
account credentials
compromised
data
• 18% of files in cloud
apps constitute a
policy violation
• 22% of those files are
shared publiclyactivities
• Cloud makes it
easy to share
• When is an activity
an anomaly?
Catch-22
Allow is the new block (allow is new block green light slide)
7
© 2015 Netskope. All Rights Reserved.
What about
privacy?
8
© 2015 Netskope. All Rights Reserved.
Dr. Cavoukian’s Privacy by Design Framework
9
Proactive not
reactive;
preventative
not remedial
Privacy as the
default setting
Privacy
embedded into
design
Full
functionality:
positive-sum,
not zero-sum
End-to-end
security; full
lifecycle
protection
Visibility and
transparency –
keep it open
Respect for
user privacy –
keep it user-
centric
7 Requirements for Mitigating
Cloud Usage Risk(while maintaining privacy)
REQ #1Find all cloud apps
running in your
environment and
assess enterprise-
readiness
Privacy Best
Practice #1
Bypass selected
cloud apps
REQ #2Understand Cloud
Usage Details
v
v
Bob in
accounting
From his
mobile phone
vUploading
customer data
to Dropbox
v
Bob’s
credentials
have been
compromised
Privacy Best
Practice #2
Obfuscate personal
details in UI and do
it per role
v
v
Bob in
accounting
From his
mobile phone
vUploading
customer data
to Dropbox
v
Bob’s
credentials
have been
compromised
REQ #3Use surgical
precision in
your policies,
leveraging
contextual
data
Privacy
Best
Practice #3
Differentiate
between
corporate and
personal
cloud usage
REQ #4Enable right-sized
admin privileges SharePoint
Admin
User
REQ #5Find sensitive
data tied to an
activity or stored
in a cloud app
REQ #6Enforce
policies by
source and
destination
country
REQ #7Don’t leave users in the dark.
Coach them on safe usage.
5:Find sensitive data tied to an
activity or stored in a cloud
app
3:Use surgical precision in your
policies and leverage context
2:Understand cloud usage
details
4:Enable right-sized admin
privileges1:Find all cloud apps and
assess enterprise-readiness
6:Enforce ppolicies by source
and destination country.
Bypass selected cloud apps
Obfuscate personal details in UI
Differentiate between personal and
corporate cloud usage 7:Don’t leave users in the dark.
Coach them on safe usage.
THANK YOU!
To learn more, visit the Netskope booth and see a live demo