Office 365 and security challenges: a dilemma?
ACSS - June 2019
Abderezak OUARET – Business Development Manager
Copyright © 2017 Symantec Corporation SYMANTEC PROPRIETARY- LIMITED USE ONLY 2
Cloud Delivered Apps Continue to Explode
Businesses that have embraced O365 or are in the midst of the decision to migrate to O365 are recognizing its many benefits, including:
• Cost savings: Primarily driven by a shift toward OpEx consumption models and a consolidation of IT tools.
• Simplified IT management: Simplified application of patches and updates, automation of tasks, and proactive recognition of suspicious behavior.
• Data security & control: Leveraging the intelligence of the cloud to detect sophisticated threats, malware, and user credentials theft, as well as adhere to compliance mandates.
• Productivity & availability: Secure, safe, and consistent access across devices, independent of end-user location.
74% of organizations are already using software-as-a-service in some capacity.
Today, nearly two-thirds (63%) report that SaaS currently accounts for more than one out of five of their business applications.
More than one-third of all organizations surveyed in 2017 said that they currently used cloud-based email (39%) and/or office productivity software (37%).
Different Security, Deployment, and Scalability Requirements
Security Challenges with Move to the Public Cloud
Auditing & Monitoring
Identity & Access Mgmt.
Data Security
Workload Protection
Hypervisor Security
Network & Infrastructure Security
Physical Security
• Apps
• OS
• Services
• Configuration
• Connectivity
Customer
Cloud
Provider
SECURITY RESPONSIBILITIES
Public Cloud “Shared Responsibility” Model
IaaS/PaaS
SaaS
Mobile
Corporate network
Mobile/BYOD/Public Wifi
Shadow IT
Shadow Data
Account Takeover
Partners
Vendors
Clients
Cloud Chaos
25% of Cloud Docs are Broadly Shared¹
¹ 1H 2016 Shadow Data Report
Email Continues to be a Top Attack Vector
• 43% of all breaches included social tactics.
• 93% of social attacks were phishing related.
• 28% of phishing attacks were targeted.
Security threats and attack sophistication have also evolved:
• Advanced attacks: Advanced and zero-day threats are much more difficult to detect and stop than traditional malware.
• Email Phishing: Today’s attacks use spear phishing and business email compromise (BEC) scams.
• Downloaders: Cyber criminals rely on first-stage downloaders to install the final payload of Office documents containing malicious macros and Java scripts.
• 66% of malware is installed via malicious email attachments.
• 90% of incidents and breaches included a phishing element.
• 21% of ransomware involved social actions, such as phishing.
Common Considerations
• Guard against new and emerging multi-vector attacks (web, email, endpoint, collaboration apps).
• Protect SaaS applications, inclusive of O365 and other business SaaS apps.
• Gain control of content: tracking, access, email, sharing…across all business applications.
• Keep key information under corporate control for consistency and visibility.
Common Considerations
• Secure accounts for sanctioned and unsanctioned applications
• Create a cohesive strategy to secure the movement to cloud
• Embrace high-efficacy threat protection
• Maintain compliance and protect sensitive information within O365, existing business applications, and existing data across on-premises and cloud consumption models
• Reduce security operational costs with a solution that supports Office 365, other cloud apps, and hybrid cloud environments
• Improve security processes with solutions that embrace automation and integration across business applications
• Consider the value of artificial intelligence (AI)-driven user and entity behavioral analytics (UEBA), automated data classification, and automated policy responses
• Consider the value of advanced machine learning and threat isolation technologies to address sophisticated malicious threats
Office 365 Security Limitations
Effectiveness
• Low efficacy scores due to OEM technology
• Relies heavily on standard signatures & blacklists
• Poor protection against spear phishing, ransomware, and business email compromise
Data Loss Prevention
• Lacks granular policy definition
• Less advanced scanning & limited workflows
• Protects O365 & Exchange on-premises data only
Threat Protection
• Unproven sandbox with virtual execution only
• Little detailed reporting on blocked attacks
• Poor visibility into targeted attack campaigns
[Chart: False Positive (FP) and Protected rates. Source: Symantec TASER testing]
“By 2020, 50% of organizations using Office 365 will rely on non-Microsoft security tools to maintain consistent security policies across their multivendor ‘SaaSscape’.”
—“How to Enhance the Security of Office 365,” Gartner Research, November 2017
Symantec End to End Protection for Office 365
• Protects business email from inbound advanced threats such as business email compromise, ransomware, and spear phishing
• Blocks outbound sensitive data loss via email content and attached files
• Protects Office 365 apps such as OneDrive, Email, Sharepoint, Yammer, and Teams from threats and sensitive data exposure
• Blocks threats and sensitive data exposures via internal- or external-bound user transactions with Office 365 apps, and protects data
o Govern Shadow IT
o Risk Assessment
o Cloud DLP
o Classification
o Encryption
o Account Protection
o Advanced Threat Protection
Email Security.cloud
Emerging Challenges for Email Security
78% of organizations using or planning to use Office 365¹
Cloud-Managed Email Service
¹ Gartner 2016 Office 365 Survey Results
“Despite Microsoft’s continued investment in Office 365 security improvements, some Gartner clients consistently report dissatisfaction with EOP and ATP and therefore enlist the aid of one or more third-party tools for improved email security.”
Gartner, “Protect Your Office 365 Deployment from Threats”, December 2017
Social Engineering
Advanced Threats
Data Protection
IaaS/PaaS
SaaS
Mobile
Cloud
Control
Enterprise
Mobile/BYOD/Public Wifi
CloudSOC CASB
• Visibility: Understand & monitor risk exposure across public cloud apps & infrastructure
• Data Security: Govern access to critical data, extend protections against breach
• Threat Protection: Protect against threats, detect, investigate, and remediate incidents
CloudSOC
IaaS/PaaS
SaaS
Mobile
Enterprise
Mobile/BYOD/Public Wifi
CASB
• Visibility: Understand & monitor risk exposure across public cloud apps & infrastructure
• Data Security: Govern access to critical data, extend protections against breach
• Threat Protection: Protect against threats, detect, investigate, and remediate incidents
CASB API
CASB Audit
CASB Gateway
CASB 1.0
• How can I automate control of Shadow IT?
• Can I apply my existing DLP policies to data in cloud apps?
• Can I encrypt data and control who has access regardless of where it goes?
• Which files in my cloud apps are malware?
• Can I dynamically trigger MFA for risky transactions?
• Can I track roaming users as part of my Shadow IT analysis?
• Can I have my cloud activity be monitored by a Managed Service?
Network
Forensics
Encryption & Tokenization
Data Loss Prevention
CASB 1.0
Comprehensive Office 365 Security with Symantec Data Loss Prevention
Symantec Email Security
• Protect against advanced attacks in external email
Symantec CASB
• Protect against advanced attacks in internal email and content for Office 365 apps
• Control access to apps and content
Symantec DLP
• Protect data in email and Office 365 apps
Email Security, CASB, DLP
Data Protection for Exchange, OneDrive and SharePoint
Symantec DLP Prevents Data Leakage Across Office 365
• Extends DLP to Exchange Online, OneDrive, and SharePoint Online
• Inspects and blocks real-time inline traffic
• Scans data at rest on OneDrive & SharePoint via DLP and CloudSOC
• Deeply inspects content with advanced detection not available in Office 365
• Enables strong file encryption on OneDrive and SharePoint via Information Centric Encryption
DLP
Prevent Data Leakage Across Email with Symantec DLP
Headquarters
Data Center
Regional Office
Roaming Users
Data Loss Prevention
ENFORCE MANAGEMENT CONSOLE
Cloud Network Endpoint Storage
DLP Cloud Service for Email
DLP
• Advanced detection
• Policy enforcement
• Unified policies
Email Security
• Multi-layered defense
• Email threat isolation
• Policy-based encryption
Info Centric Encryption
Partners Vendors
Contractors
BYO
Unmanaged Devices
Extending DLP into the Cloud
Unmanaged Devices
Extended Perimeter
Managed Devices w/ Symantec DLP Endpoint Agent
Direct to Net
Corporate Datacenter
Direct to Net
Symantec DLP Cloud
Symantec CASB
Extend DLP to 60+ Cloud Apps
Apply Fine-Tuned Policies to Cloud
Leverage Workflow Integrations
• Shadow IT Analysis
• Granular Visibility and Control
• User Behavior Analytics
Gain Full CASB Functionality
Symantec DLP Management Console
AUDIT – APPFEED
GIN
• Risk attribute data on over 23,000 cloud applications
• Enforce application access policy controls by application, user, group, etc.
• In-line DLP enforcement on all cloud and web application traffic
• Extend controls with market-leading CASB solution: CloudSOC
CASB Audit
App Rating Database
Analytics
Proxy
CASB Integration
Symantec Web Security Service
Offices Roaming Users
Access Control
Web Security Service
Simplified Governance & Accelerated User Experience
Symantec WSS—Optimized for Office 365
Auto-Alignment: Simplify Powerful Proxy Policy for O365
Automate Classification of Office 365 Application Traffic
Synchronize Rapidly Changing O365 IPs and URLs with MSFT
Enforce Security Policy
Simplify Governance
Accelerate Connections with TCP Window Scaling
Wider Transfer Windows
Increased Bandwidth Throughput
Fewer Round Trips & Reduced Latency
Accelerate User Experience
Optimize Content Delivery with Content Peering
Fewer “Hops”
Faster Path
Lower Latency
Quality of Service Controls
O365 Bandwidth Controls
TCP Window
API
Web Security Services (WSS)
Global Intelligence Network (GIN)
Symantec CASB
Logs
Policies/ Incidents
Logs
App
Feed
GW
CloudSOC
Shadow IT
CloudSOC Gateway
CloudSOC Securlets
SpanVA
Integrations
Logs
SEP
SIEM
Office 365 Email
Internet Email Security.cloud
Symantec DLP
Cloud
Symantec DLP Suite
MESSAGING
GATEWAY
Gateway Email Encryption
Channel Coverage
POLICIES MANAGEMENT
POLICIES MANAGEMENT
Endpoint
Encryption
Information Centric
Tagging / Encryption / Analytics
Cloud Perimeter
On-Premises Perimeter
Next Steps
O365 Security Checklist
As you prepare for your O365 implementation, this checklist will serve as a guide to assist you through the multiple dimensions of an O365 migration and the selection of your solution for securing it.
Contextual Visibility
• Continuously scan
• Strive to achieve a single console
• Activate advanced threat analytics
Alerts
• Create passive mode alerting
• Categorize alerts
• Report and communicate
Policies
• Create access controls and authentication methods
• Enforce usage controls
• Reduce operational complexity
Protection
• Embrace data loss prevention
• Implement one solution
• Test
Detection
• Continuously analyze
• Utilize machine learning
• Utilize machine learning
Automation
• Create security and access controls
• Automatically identify
• Leverage artificial intelligence
https://interactive.symantec.com/O365/Checklist
Thank You!

Technical Workshop - Symantec - #ACSS2019


Editor's Notes

  • #2 This presentation covers the key capabilities of Symantec Solutions for Office 365. What challenges are customers currently facing? Adoption of Office 365 in the cloud moves sensitive data outside of the corporate controls, creating risk to intellectual property and compliance-sensitive information. Companies face the risk that malware from attachments and malicious URLs in email will lead to a successful breach. In fact, email continues to be the #1 attack vector and 71% of targeted attacks are based on spear phishing emails. But it’s not just Office 365. There are other SaaS applications that are in evaluation and use, posing a threat to organizations.
  • #3 As companies (willingly or not) adopt cloud-based applications, they need to consider their broad ecosystem of applications and cloud providers as well as the implications of O365. The benefits across the bottom are some of the biggest drivers of companies migrating to Office 365. It’s not just an IT decision anymore. Sometimes it’s led by a business owner. Symantec is a recognized “best in class” malware protection technology (leader in Gartner MQ) and trusted more than Microsoft, who historically has had poor malware protection.
  • #4 Many enterprises considering a move to cloud are unaware of the public cloud “shared responsibility model” of security. The “shared responsibility model” means that enterprises are responsible for securing everything above the hypervisor, including workloads and data. A “Lift and Shift” approach of extending existing security controls to the public cloud doesn’t work as they do not integrate with cloud-native environments.
  • #6 Shadow IT makes it hard to maintain visibility & control. Shadow Data raises data loss risk. The virtual nature of the cloud makes account takeover an easy and effective way for carrying out attacks.
  • #7 Companies are moving to the cloud with speed, and email specifically has moved out of the four walls of the data center, while criminals are busy figuring out how to hack corporate systems. The threat vectors are changing every day, making it nearly impossible for a company to keep up with them on its own. Symantec CloudSOC and Email Security.cloud help you secure your email and apps against threats, protect your confidential data, and gain control over how your accounts and the content within them are accessed, used, emailed, and shared by your employees, contractors, vendors, and clients.
  • #8 What are some things you should be thinking about? There are multi-vector attacks that you need to protect against, in addition to SaaS applications, Office 365. How are you getting visibility to provide a feedback loop and an audit trail? You need real time information so people can take action immediately. • Secure accounts for sanctioned and unsanctioned applications. • Create a cohesive strategy to secure the movement to cloud. • Embrace high-efficacy threat protection. • Maintain compliance and protect sensitive information within O365, existing business applications, and existing data across on-premises and cloud consumption models. • Reduce security operational costs with a solution that supports Office 365, other cloud apps, and hybrid cloud environments. • Improve security processes with solutions that embrace automation and integration across business applications. • Consider the value of artificial intelligence (AI)- driven user and entity behavioral analytics (UEBA), automated data classification, and automated policy responses. • Consider the value of advanced machine learning and threat isolation technologies to address sophisticated malicious threats.
  • #10 Now we’re going to go into why exactly customers need a third-party email security solution for their Office 365 deployment. Our internal competitive TASER tests show that Office 365 has extremely poor effectiveness and a high false positive rate for email threats. There are a couple of reasons why it’s such a poor security solution: First off, it has only basic security since it over-relies on signatures and blacklists to stop threats and spam. This approach is good at stopping known threats, but not at stopping new, emerging threats, which are constantly arising in the threat landscape. Next, it has minimal advanced threat protection capabilities. One example of this is that it will block a threat, but not tell you why it was blocked or if the threat was targeted. Finally, it provides only basic DLP that protects mainly just Microsoft solutions such as Office 365 or On-Premises Exchange. Preventing data leakage for non-Microsoft products requires a 3rd-party DLP solution, and customers who need advanced DLP capabilities will also need another solution since Office 365 DLP lacks granular policies and sophisticated scanning capabilities.
  • #11 You need a solution that supplements the security of cloud-based productivity tools like Office 365 or G Suite with a multi-layered approach that effectively and accurately detects both new and known spam & email threats, including sophisticated threats such as spear phishing, ransomware, and Business Email Compromise. Moreover, customers need integrated threat isolation to insulate their users from advanced email attacks such as credential phishing or ransomware. Symantec is a security-focused vendor with an integrated defense strategy across multiple threat vectors. This unified approach helps customers strengthen their overall security posture and improve security outcomes by sharing intelligence and learnings across security products.
  • #12 Email Security.cloud accelerates attack response with analytics that provide the deepest visibility into targeted and advanced attack campaigns. This intelligence includes insights into both clean and malicious emails, and provides more Indicators of Compromise (60+ data points including URLs, file hashes, and targeted attack information) than any other vendor. This can all be streamed to your Security Operations Center (SOC) via integrations with third-party Security Information and Event Management (SIEM) systems and Symantec Managed Security Services. This enables you to hunt for threats across your environment and quickly determine an attack’s severity and scope.
  • #13 Today almost every organization is on or evaluating a move to the cloud with Office 365 and Gmail. However, what most organizations don’t realize is that moving to the cloud leads to security and operational challenges:
      • This increases the attack surface, as email systems are no longer behind a firewall inside the corporate perimeter. Now, email systems are publicly addressable by cybercriminals, who can easily break into your email account. Because of this, users are increasingly being targeted by advanced credential phishing & malware emails. These attacks try to take over your user’s account or get them to download malware that moves laterally within your network.
      • Disparate products increase security gaps and operational complexity. When you have multiple point products that don’t communicate with each other, this leads to security gaps and complexity that attackers can exploit.
      • Sensitive information is shared over email without control & visibility. You could lose important insights and control over your data when you move to the cloud (since DLP is typically on-prem).
    These are difficult challenges Microsoft or Google cannot address, as they are cloud-productivity vendors, not cybersecurity companies. As a result, we believe that you need a strong, third-party email security solution such as Symantec. Even analyst firms such as Gartner recommend this approach, as they’ve publicly stated that many clients are struggling to protect their organization with the built-in Microsoft security, and that many of these customers turn to third-party email security solutions such as Symantec. All of this is happening while you’re dealing with the same challenges you had when your systems were on-prem:
      • Stopping highly socially engineered attacks
      • Preventing advanced attacks
      • Keeping your confidential data secure and private
  • #16 Highlight CASB 2.0 strategy, unique differentiation vs. competitors. Highlight new features over the past several months: DLP updates, WSS chaining, ATP integration.
  • #17 While CASB 1.0 is important, we believe there is a new frontier for CASB solutions that is even more important – the ability to seamlessly integrate with a range of core security technologies, providing a seamless experience for our customers and avoiding multiple security silos. We call this CASB 2.0. For example, how do you ensure that your core DLP policies are enforced consistently between the on-prem and cloud worlds? How do you ensure your web security products can provide visibility AND control for cloud activity? How do you ensure that best-of-breed malware protection is applied to your cloud content? CASB 2.0 is a way to knit all of these technologies together to ensure comprehensive security coverage of all cloud activity, increasing security efficacy, reducing operational expenses, and improving the user experience. At Symantec, we are committed to being the leader in this area, and have already delivered many of these capabilities. Throughout this presentation we will highlight areas where we have integrated our CASB solution with ProxySG/WSS, Symantec DLP, ATP, VIP, SEP and ICE to deliver additional value for our customers.
  • #18 The best next step beyond email security and CASB is integrating DLP in the cloud.
  • #19 DLP Cloud Service for Email actively monitors and analyzes outbound emails from Office 365 Exchange Online via SMTP/TLS and optionally modifies, redirects, or blocks messages that violate DLP policies. DLP Cloud Detection Service, through its integration with CloudSOC CASB, provides coverage for 100+ cloud applications through a combination of API scanning and real-time, inline traffic inspection for policy violations using a scalable, low-latency cloud-based DLP detection service. DLP can perform Data-at-Rest and continuous (event-driven) scans through API connectors for OneDrive, SharePoint Online, Exchange Online (and more). For example, a cloud storage service provider can call the DLP Cloud Detection Service via the REST API and send a document to our detection service to examine it for a possible DLP policy violation as the file is being uploaded by a customer’s employee. DLP Cloud Detection Service will examine the file’s content per the customer’s DLP policy, and inform the cloud storage service whether the document violates its customer’s DLP policy and how the cloud storage service should protect the document (e.g. prevent the upload, encrypt it, or quarantine it). When used in conjunction with CloudSOC and DLP Cloud Detection Service, Symantec Information Centric Encryption (ICE) enables strong encryption of data in cloud applications such as Box, OneDrive and SharePoint Online, and the documents protected with ICE can be tracked and revoked remotely by administrators if needed.
  • #20 Symantec helps you do all this and more with our Symantec Data Loss Prevention (DLP) solution, which applies a single set of DLP policies across all of your organization’s channels (email, web, cloud applications, endpoints, network, storage).
  • #22 Adding Web Security Service is the next step. Log files from the proxy are integrated with our CASB and app database, and your shadow IT gets exposed in an easy-to-use dashboard. You can then set policies in your proxy to control access to these cloud applications by user, location, group, etc. Some you may want to completely shut down; others you may want to limit and enforce controls on, such as malware scanning on file downloads. As your users try to access cloud apps, the Audit App feed from the Symantec Global Intelligence Network informs the proxy of the intended destination of your users, and your policy controls are enforced.
  • #23 Symantec solutions are optimized for O365 performance. We have taken steps to simplify the process of deploying proxy-based security, which is critical to securing the use of any cloud-based app:
      - Auto alignment of O365 IP addresses
    And we have taken steps to accelerate the user experience when this security is in place:
      - TCP Window Scaling
      - Networking Peering
      - Bandwidth control
    In early Feb 2018, a press release was put out with Microsoft’s support (Microsoft quote) supporting WSS to secure O365 and Azure.
  • #26 Once you can see what’s happening, you can get alerts. Then you can set policies and have controls in place that can be fine-tuned over time. Now you’re able to see data loss and threats and implement protection protocols. Machine learning can inspect in real time what’s happening in multiple cloud environments.