According to the latest IBM X-Force Research report, the average consolidated total cost of a single data breach is $3.8 million. And with data breaches up 22% so far in 2016, across every vertical imaginable, the threat must be addressed. Watch Google and CloudLock's discussion in this hands-on exploration of how your organization can combat these ever changing security threats.
Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLock
1. Google confidential | Do not distribute
Be A Hero
Combat Cloud Security Threats with Google Apps
Unlimited and Cloudlock
Hayley Bakst
hayley.bakst@cloudlock.com
Global Alliances
Mahshad Haeri
Mahshad@google.com
Senior Solutions Engineer
2. Google confidential | Do not distribute
What to expect?
1. New security threats in the cloud
2. How Google Apps Unlimited + CloudLock can help save you
from these villians
a. Protect your users
b. Protect your sensitive data
c. Protection against malware
d. Gain visibility into user activities
2
3. Google confidential | Do not distribute
What’s so scary?
According to the latest IBM X-
Force Research report, the
average consolidated total cost of
a data breach is $3.8 million
3
4. Google confidential | Do not distribute
What Can Go Wrong?
● Accidental publication
● Configuration error
● Hacked systems
● Phishing
● Weak passwords
● Poor device
security
● Low Visibility
● Insider threat
Damage, Lawsuits
& Fines
Lost IP, Business &
Reputation
Privacy Violations
4
5. Google confidential | Do not distribute
Business (Public SaaS) People Custom Apps (PaaS & IaaS)
Legacy Security
Solutions
ON-PREMISECLOUD
CyberSecurity
Fabric
Messaging & Collaboration
Sales & marketing
HR & Skills
Finance
Sharepoint
Apps
App Server
Database
force.com
The Era of Full Cloud is upon us
5
6. Google confidential | Do not distribute
Changing IT models requires a new security paradigm
APPS DATA USERS
NETWORK
NEW MODEL:
People-Centric Security
IDENTITY CLOUD
DEVICE /
NETWORK
OLD MODEL:
Network-Based Security
ACCOUNTS
6
7. Google confidential | Do not distribute 7
World Class Data Centers
Global Private Network
Back End Security
Application Security
Google Apps Security
End User Security
10. Google confidential | Do not distribute
Cloud Access Security Broker (CASB) with CloudLock
force.com
What Shadow
Apps are my users
using?
What do users do
in my Cloud Apps?
How do I identify
compromised
Accounts?
Are Shadow Apps
connected to
sanctioned Ones ?
Do I have sensitive
/Toxic /regulated
data in the cloud?
How do I encrypt/
Quarantine
sensitive data in
the cloud?
SaaS
force.com
PaaS and IaaS IDaaS
10
11. Google confidential | Do not distribute
How can we help?
APPSACCOUNTS
DATA
+
Data Breach
Data Security/Compliance (Cloud
DLP/Encryption)
Compromised Accounts
Threat Protection (UEBA)
Cloud Malware
Visibility (Apps Firewall)
Data Loss Prevention
DLP for email and Drive
User interaction audits and
information Discovery
Drive Audit logs, Vault
Fine-Grained Admin Controls
OU level Drive controls
11
12. Google confidential | Do not distribute
Users
We do love our users, but 95% of
security attacks involve human
error
12
13. Google confidential | Do not distribute
Is phishing effective?*
3%
The most obvious
phishing webpages
Trick users
3%
of the time
13%
Average
phishing webpages
Trick users
13%
of the time
Trick users
45%
of the time
Hijackers
move fast
20%
20% of accounts
are accessed within
30 minutes
of being phished
* Google study of manual hackers
The most
believable phishing
webpages
45%
13
14. Google confidential | Do not distribute
Two factor authentication (Security key management)
14
15. Google confidential | Do not distribute
Visibility into user interactions (Drive Audit Logs)
15
16. Google confidential | Do not distribute
Making Sense of your Global Cloud Activities
16
17. Google confidential | Do not distribute
Example of why you need User Behavior Entity Analytics
North America
9:00 AM ET
▪ Login to:
Africa
10:00 AM ET
▪ Data export
from:
● Distance from the US to the Central African Republic: 7,362 miles
● At a speed of 800 mph, it would take 9.2 hours to travel between
them
17
18. Google confidential | Do not distribute
eDiscovery and Archive (Vault)
● Quick and easy legal discovery (email, Drive content)
● Preserve company data (email and Documents retention policies and holds)
● Export and Share results
18
25. Google confidential | Do not distribute
Create trusted relationships between domains
25
26. Google confidential | Do not distribute
Fine tuned admin controls: Managing Sharing by OU
26
27. Google confidential | Do not distribute
Advanced Data Loss Prevention
● Predefined content detectors (Internationalized)
● Optical Character Recognition (OCR)
● Content thresholds settings (control # of false positives)
27
^4[0-9]{12}(?:[0-9]{3})?$
28. Google confidential | Do not distribute
CloudLock Encryption Management for Google
File and Folder-Level Encryption
Protect your most sensitive content within Google Drive from unauthorized access
User and Policy-Driven
Enterprise-Owned Keys
On-Premises or In Cloud
Preserve real-time co-authoring
28
29. Google confidential | Do not distribute
Where to get your cloud security superpowers?
APPS
ACCOUNTS
DATA
+
Protect your Company Data from
being lost, stolen, and exposed
Protect against Cloud
malware, phishing attacks,
and other breaches
Protect your corporate
accounts and safeguard
your users
29
30. Google confidential | Do not distribute
1. Contact your Google account manager
2. Contact Hayley.Bakst@cloudlock.com to learn more about
Cloudlock:
What now?
First 5 Attendees to contact Hayley will
get a CloudLock Cyber Security
Assessments for FREE !!!!!
30