Visibility and Control for Sanctioned & Unsanctioned Cloud Apps

  • Published on
    13-Feb-2017

  • View
    212

  • Download
    0

Transcript

  • 2015 Imperva, Inc. All rights reserved.

    Visibility and Control for

    Sanctioned & Unsanctioned

    Cloud Apps

    Walter Doria Technical Director Exclusive Networks

    Gabriele Buratti Principal SE Imperva

  • 2015 Imperva, Inc. All rights reserved.

    Todays Agenda

    Introductions & Discussion

    Market Overview, Trends, Risks & Gaps

    Understanding Imperva Skyfence Use Cases

    Deployment Considerations

    Live Demo

    Q & A

    Confidential2

  • 2015 Imperva, Inc. All rights reserved.

    Gartner WAF MQ: Imperva is alone as the Leader

    What do we do?

    Enable organizations safe and productive use of corporate

    SaaS applications

    Why is it relevant?

    The cloud app trend has created a visibility and control blind

    spot for IT that cannot be addressed by traditional controls

    Part of Imperva (NYSE: IMPV)Acquired in February 2014 for $60M

    Imperva Background

    Founded in 2002

    650+ employees

    Customers in 75+ countries

    4000+ Enterprise Customers

    Highest returning IPO of 2011

    Who is Skyfence?

    33Confidential

  • 2015 Imperva, Inc. All rights reserved.

    Market Overview

    Cloud Access Security Brokers

    CASB named #1 in top 10 technologies for IT Security in 2014

    By 2017, those making a strategic decision to invest in cloud apps for

    mission-critical workloads will consider CASB essential

    The CASB market will reach $500 million by year-end 2017

    Most of the market in 2014, enterprise customers, all verticals

    Offline deployment

    3rd party logs, API, or web-accessRisk Assessment

    Rapidly catching-up, expected 100% penetration by 2017

    Inline deployment

    Forward / reverse proxies, SWG integrations, endpoint agents

    Monitoring & Enforcement

    Two primary use cases for IT:

    Confidential4

  • 2015 Imperva, Inc. All rights reserved.

    Customer-facing Applications

    Moving to IaaS or PaaS providersEmployee-facing Applications

    are SaaS and Cloud Apps

    Data Proliferation to the Cloud

    Traditional Data Center

    55Confidential

  • 2015 Imperva, Inc. All rights reserved.

    No visibility into who is using what apps

    No way to assess cloud apps risks and prioritize

    Unable to monitor and analyze all activity

    No endpoint control capabilities for cloud apps

    Cloud apps are a prime target for hackers and malicious insiders data exfiltration

    Corporate

    Employees, Mobile

    Workers and

    Hackers

    Cloud

    Applications

    Challenges of Cloud Apps and Shadow IT

    66Confidential

  • 2015 Imperva, Inc. All rights reserved.

    Visibility and Control for Cloud Applications

    Cloud Discovery & Governance (Offline) Cloud Audit & Protection (Inline)

    Cloud Security Suite

    Monitor Activity of Users & Admins Push to SIEM

    Endpoint & Data Access Controls with Risk-based MFA

    Detect Anomalies & Prevent Account Takeover Attacks

    Discover Shadow IT Apps & Assess Risk

    Review User Entitlements to Find Dormant &

    Orphaned Accounts

    Centrally Assess Security & Configuration Settings

    of Cloud Apps

    7Confidential

    Corporate

    Employees, Mobile

    Workers and

    Hackers

    Cloud

    Applications

  • 2015 Imperva, Inc. All rights reserved.

    User Entitlements Review

    Dormant Users cost reduction opportunity

    Orphaned Accounts risk of ex-employees access

    External User partners, suppliers with access

    Application Configuration Review

    Benchmark current configuration with best practices

    Mitigate risks associated with configuration issues

    Integrated Remediation Workflow

    Assign tasks to resolve user & application issues

    Skyfence Risk Governance Understand Your Specific Risks

    9Confidential

  • 2015 Imperva, Inc. All rights reserved.

    Common Skyfence Use Cases for the Cloud

    Secure Office 365 Users

    Endpoint access control

    Monitor & control uploads and downloads

    Prevent account takeover

    Control Collaboration and File Sharing

    Visibility over sharing of unstructured data

    Data security

    Manage AWS Console Users

    Discovery of AWS console users

    Risk-based strong authentication

    Blocking/controlling high-risk actions

    Prevent account takeover

    Discover Line of Business Apps

    Sanctioned and unsanctioned

    Over 5,000 apps supported (Salesforce, NetSuite, etc.)

    10Confidential

  • 2015 Imperva, Inc. All rights reserved.

    Metro Bank Uses Skyfence to Secure Office 365 Apps

    Background

    Fast-growing, UK-based bank

    1400 users

    Office 365 apps: Email, SharePoint, Yammer, and OneDrive

    Challenges

    Employees require remote access to Office 365 apps

    Microsoft IP fencing was ineffective at controlling BYOD access

    Required non-intrusive approach no impact to end users

    Integrate with AirWatch MDM deployment

    Solution Benefits

    Global enforcement of access controls

    Consistent, detailed, and clear visibility into all cloud app activity

    PCI DSS compliance for cloud access outside of the organization

    11Confidential

  • 2015 Imperva, Inc. All rights reserved.

    Cloud Access Security Delivered with Incapsula CDN

    Solves Key Customer Issues

    Security

    Performance

    Scalability

    Single Architecture for all Apps

    Customer-facing Production Apps

    Employee-facing SaaS Apps (Salesforce, Office 365, etc.)

    13Confidential

  • 2015 Imperva, Inc. All rights reserved.

    See What You Are Missing Illuminate Shadow IT

    Free Download for Cloud App Discovery

    Windows and Mac versions

    Scans Web Proxy, SIEM, and Firewall logs

    Quantify apps, users, activities, & risk

    Includes free online support & Knowledge Base

    www.skyfence.com/cloud-discovery-free

    Scan1Review Results2

    Corporate Network

    Discovered Apps

    Cloud Discovery Tool

    LOG FilesFirewall / Web Proxy

    Corporate Network

    16Confidential

    http://www.skyfence.com/cloud-discovery-free

  • 2015 Imperva, Inc. All rights reserved.

    Pros ProsCons Cons

    Requires SSO

    Limited desktop /

    mobile apps support*

    BYOD

    No endpoint agents

    No endpoint config

    Doesnt require SSO

    Full desktop /

    mobile apps support

    No BYOD

    Endpoint agents

    Endpoint config

    * Supported features include limited User Access Control, full support requires agent installation

    SAML Redirect SWG Integration / Endpoint clients

    Forward ProxyReverse Proxy

    Corporate / Managed Corporate / ManagedBYOD BYOD

    Flexible Enterprise Deployment Options

    17Confidential

  • 2015 Imperva, Inc. All rights reserved.

    Skyfence Cloud Gateway

    Live Demo

    Confidential18

Recommended

View more >