SlideShare a Scribd company logo

Preventing Data Cloud Breaches with Zero Trust

S
Sara Goodison

Large profile data breaches have become a part of our daily reality. Shouldn't the move to the data cloud make organizations more secure? Turns out, making sense of the who, what, where, and how of data use is only getting more complex. Join us to learn about how to protect your data with Zero Trust Architecture. We'll cover the common security mistakes organizations make in the data cloud, and the tactics that attackers use to take advantage of them. By the end of the session, you'll learn new approaches that help your security or DevOps teams observe, control, and protect data.

Engineering
1 of 27
Download to read offline
1 Preventing Data Cloud Breaches with Zero Trust October 15, 2020 Poorna Udupi Chief Technology Officer Good Money Srini Vadlamani Chief Technology Officer, Co-Founder Cyral
2 Introductions Poorna Udupi Chief Technology Officer Good Money Srini Vadlamani Chief Technology Officer, Co-Founder Cyral
3 Agenda Data Cloud and Challenges in Securing It Common Attacker Tactics and Techniques Application of Zero Trust Architecture in Data Cloud Cyral’s Approach to Data Cloud Security Q&A
What is Data Cloud? 4
5 Digital Growth Initiatives are Driving Adoption of the Data Cloud Exponential Data Growth • Footprint expansion • Heterogeneous workloads Data Democratization • Broad access to data • No single gateway Shadow Adoption • Developer-led design • Platform interoperability
What are Some Common Security Challenges in the Data Cloud? 6
7 Transition to Cloud Requires Us to Rethink Security Secured by numerous established security vendors ?
8 Challenges with the Data Cloud LACK OF IDENTITY NO SUPPORT OF SAML/OIDC LACK OF VISIBILITY EXPENSIVE AND COMPLEX LACK OF ACCESS CONTROL USERS, APPS, TOOLS, SERVICES
9 Data Is at the Heart of Zero Trust DataPeople Devices Apps Workloads Visibility & Analytics Automation & Orchestration
What Are Some Threat Tactics that Attackers Commonly Use? 10
11 Exposed Data Endpoints
12 Shared Credentials
13 SQL Injections
14 Reconnaissance Scans
15 Plaintext Communication
16 Database Password Spraying
17 Trickle Exfiltration
How Can Zero Trust Architecture Help Secure the Data Cloud? 18
19 Securing Data with Zero Trust Data Discovery and Classification Flow Mapping Risk Assessment Security Controls & Mitigation De-Identification Rights Management Data In-Use Protection Encryption and Tokenization Data Loss Prevention
Intercept and record all signals from all data sources Understand true data footprint Enrich data activity logs with user context Deliver single log source with uniform logging syntax Integrate with all intersection points Prioritize IAM and SIEM/UEBA Introduce granular segmentation and least privilege Obfuscate any sensitive information 20 Key Steps to Zero Trust Observe Data Endpoints Understand Context Integrate with Security Program Manage Access 1 2 3 4
How Does Cyral Approach Data Cloud Security? 21
22 Cyral: Security for the Data Cloud OBSERVE CONTROL PROTECT • Logs, metrics, traces • Shorter debugging cycle, MTTR • Faster audits, incident response • Enable SSO / MFA • Implement least privilege, SoD • Extend Zero Trust to data cloud • Alert or block threats • Enforce tenant security • Stop targeted data breaches
23 Cyral and Zero Trust Observe Data Endpoints Understand Context Manage Access Integrate with Security Program 1 2 3 4 Logs Full IAM Context Client/App Context Single Sign-On Segregation of Duties Least Privilege CI/CD integration Security Analytics Incident Response Metrics Traces
24 Cyral vs. Data Cloud Threats Exposed Data Endpoints Shared Credentials SQL Injections Recon Scans Plaintext Communication DB Password Spraying Trickle Exfiltration Alerting on suspicious and unauthorized access Integration with IAM providers Alerting on SQL injections Alerting on recon scans Encryption enforcement and bypass protection Alerting on password spraying Alerting on trickle exfiltration
Q&A 25
26 Q&A Poorna Udupi Chief Technology Officer Good Money Srini Vadlamani Chief Technology Officer, Co-Founder Cyral
Thank you. Questions? hello@cyral.com 27

Recommended

Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​
AlgoSec
 
5 Steps to a Zero Trust Network - From Theory to Practice
5 Steps to a Zero Trust Network - From Theory to Practice5 Steps to a Zero Trust Network - From Theory to Practice
5 Steps to a Zero Trust Network - From Theory to Practice
AlgoSec
 
Insider Threat Protection | Seclore
Insider Threat Protection | SecloreInsider Threat Protection | Seclore
Insider Threat Protection | Seclore
Seclore
 
Zero Trust Run-time Kubernetes Security made easy with AccuKnox
Zero Trust Run-time Kubernetes Security made easy with AccuKnoxZero Trust Run-time Kubernetes Security made easy with AccuKnox
Zero Trust Run-time Kubernetes Security made easy with AccuKnox
AccuKnox
 
Bitglass Webinar - Top 6 CASB Use Cases
Bitglass Webinar - Top 6 CASB Use CasesBitglass Webinar - Top 6 CASB Use Cases
Bitglass Webinar - Top 6 CASB Use Cases
Bitglass
 
IRDAI Compliance & Data-Centric Security | Seclore
IRDAI Compliance & Data-Centric Security | SecloreIRDAI Compliance & Data-Centric Security | Seclore
IRDAI Compliance & Data-Centric Security | Seclore
Seclore
 
Cloud security
Cloud securityCloud security
Cloud security
BikashPokharel3
 
Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...
Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...
Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...
Enterprise Management Associates
 

Recommended

Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​Zero Trust Framework for Network Security​
Zero Trust Framework for Network Security​
AlgoSec
 
5 Steps to a Zero Trust Network - From Theory to Practice
5 Steps to a Zero Trust Network - From Theory to Practice5 Steps to a Zero Trust Network - From Theory to Practice
5 Steps to a Zero Trust Network - From Theory to Practice
AlgoSec
 
Insider Threat Protection | Seclore
Insider Threat Protection | SecloreInsider Threat Protection | Seclore
Insider Threat Protection | Seclore
Seclore
 
Zero Trust Run-time Kubernetes Security made easy with AccuKnox
Zero Trust Run-time Kubernetes Security made easy with AccuKnoxZero Trust Run-time Kubernetes Security made easy with AccuKnox
Zero Trust Run-time Kubernetes Security made easy with AccuKnox
AccuKnox
 
Bitglass Webinar - Top 6 CASB Use Cases
Bitglass Webinar - Top 6 CASB Use CasesBitglass Webinar - Top 6 CASB Use Cases
Bitglass Webinar - Top 6 CASB Use Cases
Bitglass
 
IRDAI Compliance & Data-Centric Security | Seclore
IRDAI Compliance & Data-Centric Security | SecloreIRDAI Compliance & Data-Centric Security | Seclore
IRDAI Compliance & Data-Centric Security | Seclore
Seclore
 
Cloud security
Cloud securityCloud security
Cloud security
BikashPokharel3
 
Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...
Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...
Enterprise Zero Trust Networking Strategies: Secure Remote Access and Network...
Enterprise Management Associates
 
Securing Your Business #4 - Role Of The Customer
Securing Your Business #4 - Role Of The CustomerSecuring Your Business #4 - Role Of The Customer
Securing Your Business #4 - Role Of The Customer
Datapipe
 
Securing Your Business #3 - Role Of The Service Provider
Securing Your Business #3 - Role Of The Service ProviderSecuring Your Business #3 - Role Of The Service Provider
Securing Your Business #3 - Role Of The Service Provider
Datapipe
 
CASB Cases: How Your Peers are Securing the Cloud
CASB Cases: How Your Peers are Securing the CloudCASB Cases: How Your Peers are Securing the Cloud
CASB Cases: How Your Peers are Securing the Cloud
Bitglass
 
Strengthen Cloud Security
Strengthen Cloud SecurityStrengthen Cloud Security
Strengthen Cloud Security
Lora O'Haver
 
Ciso Platform Webcast: Shadow Data Exposed
Ciso Platform Webcast: Shadow Data ExposedCiso Platform Webcast: Shadow Data Exposed
Ciso Platform Webcast: Shadow Data Exposed
Elastica Inc.
 
Bitglass Webinar - 5 Cloud Security Best Practices for 2018
Bitglass Webinar - 5 Cloud Security Best Practices for 2018Bitglass Webinar - 5 Cloud Security Best Practices for 2018
Bitglass Webinar - 5 Cloud Security Best Practices for 2018
Bitglass
 
Bitglass Webinar - A Primer on CASBs and Cloud Security
Bitglass Webinar - A Primer on CASBs and Cloud SecurityBitglass Webinar - A Primer on CASBs and Cloud Security
Bitglass Webinar - A Primer on CASBs and Cloud Security
Bitglass
 
Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?
Zscaler
 
Webinar bitglass - complete deck-2
Webinar bitglass - complete deck-2Webinar bitglass - complete deck-2
Webinar bitglass - complete deck-2
Bitglass
 
Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...
Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...
Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...
Bitglass
 
Securing Your Business #2 - Role Of The Vendor
Securing Your Business #2 - Role Of The VendorSecuring Your Business #2 - Role Of The Vendor
Securing Your Business #2 - Role Of The Vendor
Datapipe
 
Content is King - Symantec
Content is King - SymantecContent is King - Symantec
Content is King - Symantec
Harry Gunns
 
CSA SV Threat detection and prediction
CSA SV Threat detection and predictionCSA SV Threat detection and prediction
CSA SV Threat detection and prediction
Vishwas Manral
 
COSAC 2021 presentation - AWS Zero Trust
COSAC 2021 presentation - AWS Zero TrustCOSAC 2021 presentation - AWS Zero Trust
COSAC 2021 presentation - AWS Zero Trust
Frans Sauermann
 
securing the cloud for financial services
securing the cloud for financial servicessecuring the cloud for financial services
securing the cloud for financial services
Bitglass
 
Security and Compliance In Microsoft Office 365 Whitepaper
Security and Compliance In Microsoft Office 365 WhitepaperSecurity and Compliance In Microsoft Office 365 Whitepaper
Security and Compliance In Microsoft Office 365 Whitepaper
David J Rosenthal
 
Securing medical apps in the age of covid final
Securing medical apps in the age of covid finalSecuring medical apps in the age of covid final
Securing medical apps in the age of covid final
DevOps.com
 
5 Highest-Impact CASB Use Cases - Office 365
5 Highest-Impact CASB Use Cases - Office 3655 Highest-Impact CASB Use Cases - Office 365
5 Highest-Impact CASB Use Cases - Office 365
Netskope
 
Protecting Your Data In Office 365
Protecting Your Data In Office 365Protecting Your Data In Office 365
Protecting Your Data In Office 365
Elastica Inc.
 
Limitless xdr meetup
Limitless xdr meetupLimitless xdr meetup
Limitless xdr meetup
Daliya Spasova
 
Cyber Security in the market place: HP CTO Day
Cyber Security in the market place: HP CTO DayCyber Security in the market place: HP CTO Day
Cyber Security in the market place: HP CTO Day
Symantec
 
chapitre1-cloud security basics-23 (1).pptx
chapitre1-cloud security basics-23 (1).pptxchapitre1-cloud security basics-23 (1).pptx
chapitre1-cloud security basics-23 (1).pptx
GhofraneFerchichi2
 

More Related Content

What's hot

Ciso Platform Webcast: Shadow Data Exposed
Ciso Platform Webcast: Shadow Data ExposedCiso Platform Webcast: Shadow Data Exposed
Ciso Platform Webcast: Shadow Data Exposed
Elastica Inc.
 
Webinar bitglass - complete deck-2
Webinar bitglass - complete deck-2Webinar bitglass - complete deck-2
Webinar bitglass - complete deck-2
Bitglass
 
Content is King - Symantec
Content is King - SymantecContent is King - Symantec
Content is King - Symantec
Harry Gunns
 
COSAC 2021 presentation - AWS Zero Trust
COSAC 2021 presentation - AWS Zero TrustCOSAC 2021 presentation - AWS Zero Trust
COSAC 2021 presentation - AWS Zero Trust
Frans Sauermann
 
Security and Compliance In Microsoft Office 365 Whitepaper
Security and Compliance In Microsoft Office 365 WhitepaperSecurity and Compliance In Microsoft Office 365 Whitepaper
Security and Compliance In Microsoft Office 365 Whitepaper
David J Rosenthal
 
Protecting Your Data In Office 365
Protecting Your Data In Office 365Protecting Your Data In Office 365
Protecting Your Data In Office 365
Elastica Inc.
 

What's hot (20)

Securing Your Business #4 - Role Of The Customer
Securing Your Business #4 - Role Of The CustomerSecuring Your Business #4 - Role Of The Customer
Securing Your Business #4 - Role Of The Customer
 
Securing Your Business #3 - Role Of The Service Provider
Securing Your Business #3 - Role Of The Service ProviderSecuring Your Business #3 - Role Of The Service Provider
Securing Your Business #3 - Role Of The Service Provider
 
CASB Cases: How Your Peers are Securing the Cloud
CASB Cases: How Your Peers are Securing the CloudCASB Cases: How Your Peers are Securing the Cloud
CASB Cases: How Your Peers are Securing the Cloud
 
Strengthen Cloud Security
Strengthen Cloud SecurityStrengthen Cloud Security
Strengthen Cloud Security
 
Ciso Platform Webcast: Shadow Data Exposed
Ciso Platform Webcast: Shadow Data ExposedCiso Platform Webcast: Shadow Data Exposed
Ciso Platform Webcast: Shadow Data Exposed
 
Bitglass Webinar - 5 Cloud Security Best Practices for 2018
Bitglass Webinar - 5 Cloud Security Best Practices for 2018Bitglass Webinar - 5 Cloud Security Best Practices for 2018
Bitglass Webinar - 5 Cloud Security Best Practices for 2018
 
Bitglass Webinar - A Primer on CASBs and Cloud Security
Bitglass Webinar - A Primer on CASBs and Cloud SecurityBitglass Webinar - A Primer on CASBs and Cloud Security
Bitglass Webinar - A Primer on CASBs and Cloud Security
 
Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?Adopting A Zero-Trust Model. Google Did It, Can You?
Adopting A Zero-Trust Model. Google Did It, Can You?
 
Webinar bitglass - complete deck-2
Webinar bitglass - complete deck-2Webinar bitglass - complete deck-2
Webinar bitglass - complete deck-2
 
Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...
Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...
Bitglass Webinar - BlueCross BlueShield of Tennessee's CASB Journey to Secure...
 
Securing Your Business #2 - Role Of The Vendor
Securing Your Business #2 - Role Of The VendorSecuring Your Business #2 - Role Of The Vendor
Securing Your Business #2 - Role Of The Vendor
 
Content is King - Symantec
Content is King - SymantecContent is King - Symantec
Content is King - Symantec
 
CSA SV Threat detection and prediction
CSA SV Threat detection and predictionCSA SV Threat detection and prediction
CSA SV Threat detection and prediction
 
COSAC 2021 presentation - AWS Zero Trust
COSAC 2021 presentation - AWS Zero TrustCOSAC 2021 presentation - AWS Zero Trust
COSAC 2021 presentation - AWS Zero Trust
 
securing the cloud for financial services
securing the cloud for financial servicessecuring the cloud for financial services
securing the cloud for financial services
 
Security and Compliance In Microsoft Office 365 Whitepaper
Security and Compliance In Microsoft Office 365 WhitepaperSecurity and Compliance In Microsoft Office 365 Whitepaper
Security and Compliance In Microsoft Office 365 Whitepaper
 
Securing medical apps in the age of covid final
Securing medical apps in the age of covid finalSecuring medical apps in the age of covid final
Securing medical apps in the age of covid final
 
5 Highest-Impact CASB Use Cases - Office 365
5 Highest-Impact CASB Use Cases - Office 3655 Highest-Impact CASB Use Cases - Office 365
5 Highest-Impact CASB Use Cases - Office 365
 
Protecting Your Data In Office 365
Protecting Your Data In Office 365Protecting Your Data In Office 365
Protecting Your Data In Office 365
 
Limitless xdr meetup
Limitless xdr meetupLimitless xdr meetup
Limitless xdr meetup
 

Similar to Preventing Data Cloud Breaches with Zero Trust

Innovation Without Compromise: The Challenges of Securing Big Data
Innovation Without Compromise: The Challenges of Securing Big DataInnovation Without Compromise: The Challenges of Securing Big Data
Innovation Without Compromise: The Challenges of Securing Big Data
Cloudera, Inc.
 
Cloud data governance, risk management and compliance ny metro joint cyber...
Cloud data governance, risk management and compliance ny metro joint cyber...Cloud data governance, risk management and compliance ny metro joint cyber...
Cloud data governance, risk management and compliance ny metro joint cyber...
Ulf Mattsson
 
Guide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azureGuide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azure
Abdul Khan
 
Shedding Light on Shadow IT for File Sharing
Shedding Light on Shadow IT for File SharingShedding Light on Shadow IT for File Sharing
Shedding Light on Shadow IT for File Sharing
CipherCloud
 
Automation alley day in the cloud presentation - formatted
Automation alley day in the cloud presentation - formattedAutomation alley day in the cloud presentation - formatted
Automation alley day in the cloud presentation - formatted
Matthew Moldvan
 
Protecting health and life science organizations from breaches and ransomware
Protecting health and life science organizations from breaches and ransomwareProtecting health and life science organizations from breaches and ransomware
Protecting health and life science organizations from breaches and ransomware
Cloudera, Inc.
 

Similar to Preventing Data Cloud Breaches with Zero Trust (20)

Cyber Security in the market place: HP CTO Day
Cyber Security in the market place: HP CTO DayCyber Security in the market place: HP CTO Day
Cyber Security in the market place: HP CTO Day
 
chapitre1-cloud security basics-23 (1).pptx
chapitre1-cloud security basics-23 (1).pptxchapitre1-cloud security basics-23 (1).pptx
chapitre1-cloud security basics-23 (1).pptx
 
Innovation Without Compromise: The Challenges of Securing Big Data
Innovation Without Compromise: The Challenges of Securing Big DataInnovation Without Compromise: The Challenges of Securing Big Data
Innovation Without Compromise: The Challenges of Securing Big Data
 
Cloud data governance, risk management and compliance ny metro joint cyber...
Cloud data governance, risk management and compliance ny metro joint cyber...Cloud data governance, risk management and compliance ny metro joint cyber...
Cloud data governance, risk management and compliance ny metro joint cyber...
 
The evolution of IT in a cloud world
The evolution of IT in a cloud worldThe evolution of IT in a cloud world
The evolution of IT in a cloud world
 
Guide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azureGuide to security patterns for cloud systems and data security in aws and azure
Guide to security patterns for cloud systems and data security in aws and azure
 
Information security group presentation ppt
Information security group presentation pptInformation security group presentation ppt
Information security group presentation ppt
 
Cyber security within Organisations: A sneaky peak of current status, trends,...
Cyber security within Organisations: A sneaky peak of current status, trends,...Cyber security within Organisations: A sneaky peak of current status, trends,...
Cyber security within Organisations: A sneaky peak of current status, trends,...
 
Information security group presentation
Information security group presentationInformation security group presentation
Information security group presentation
 
Data security in the cloud
Data security in the cloud Data security in the cloud
Data security in the cloud
 
Windstream Cloud Security Presentation
Windstream Cloud Security PresentationWindstream Cloud Security Presentation
Windstream Cloud Security Presentation
 
Datacenter 2014: Trend Micro - Bill MCGee
Datacenter 2014: Trend Micro - Bill MCGeeDatacenter 2014: Trend Micro - Bill MCGee
Datacenter 2014: Trend Micro - Bill MCGee
 
Trend Micro: Security Challenges and Solutions for the Cloud (Saas) & Cloud S...
Trend Micro: Security Challenges and Solutions for the Cloud (Saas) & Cloud S...Trend Micro: Security Challenges and Solutions for the Cloud (Saas) & Cloud S...
Trend Micro: Security Challenges and Solutions for the Cloud (Saas) & Cloud S...
 
Shedding Light on Shadow IT for File Sharing
Shedding Light on Shadow IT for File SharingShedding Light on Shadow IT for File Sharing
Shedding Light on Shadow IT for File Sharing
 
Automation alley day in the cloud presentation - formatted
Automation alley day in the cloud presentation - formattedAutomation alley day in the cloud presentation - formatted
Automation alley day in the cloud presentation - formatted
 
Protecting health and life science organizations from breaches and ransomware
Protecting health and life science organizations from breaches and ransomwareProtecting health and life science organizations from breaches and ransomware
Protecting health and life science organizations from breaches and ransomware
 
Cloud Visibility & Cloud Data Loss Prevention Approaches
Cloud Visibility & Cloud Data Loss Prevention Approaches Cloud Visibility & Cloud Data Loss Prevention Approaches
Cloud Visibility & Cloud Data Loss Prevention Approaches
 
Datacenter 2014: Symantec - Peter Schjøtt
Datacenter 2014: Symantec - Peter SchjøttDatacenter 2014: Symantec - Peter Schjøtt
Datacenter 2014: Symantec - Peter Schjøtt
 
Top 5 Information Security Lessons Learned from Transitioning to the Cloud
Top 5 Information Security Lessons Learned from Transitioning to the CloudTop 5 Information Security Lessons Learned from Transitioning to the Cloud
Top 5 Information Security Lessons Learned from Transitioning to the Cloud
 
Cloud computing-security-issues
Cloud computing-security-issuesCloud computing-security-issues
Cloud computing-security-issues
 

Recently uploaded

Event Management System Vb Net Project Report.pdf
Event Management System Vb Net Project Report.pdfEvent Management System Vb Net Project Report.pdf
Event Management System Vb Net Project Report.pdf
Kamal Acharya
 
Final project report on grocery store management system..pdf
Final project report on grocery store management system..pdfFinal project report on grocery store management system..pdf
Final project report on grocery store management system..pdf
Kamal Acharya
 
Fruit shop management system project report.pdf
Fruit shop management system project report.pdfFruit shop management system project report.pdf
Fruit shop management system project report.pdf
Kamal Acharya
 
The Benefits and Techniques of Trenchless Pipe Repair.pdf
The Benefits and Techniques of Trenchless Pipe Repair.pdfThe Benefits and Techniques of Trenchless Pipe Repair.pdf
The Benefits and Techniques of Trenchless Pipe Repair.pdf
Pipe Restoration Solutions
 
Digital Signal Processing Lecture notes n.pdf
Digital Signal Processing Lecture notes n.pdfDigital Signal Processing Lecture notes n.pdf
Digital Signal Processing Lecture notes n.pdf
AbrahamGadissa
 
Courier management system project report.pdf
Courier management system project report.pdfCourier management system project report.pdf
Courier management system project report.pdf
Kamal Acharya
 
power quality voltage fluctuation UNIT - I.pptx
power quality voltage fluctuation UNIT - I.pptxpower quality voltage fluctuation UNIT - I.pptx
power quality voltage fluctuation UNIT - I.pptx
ViniHema
 
Antenna efficency lecture course chapter 3.pdf
Antenna efficency lecture course chapter 3.pdfAntenna efficency lecture course chapter 3.pdf
Antenna efficency lecture course chapter 3.pdf
AbrahamGadissa
 

Recently uploaded (20)

Danfoss NeoCharge Technology -A Revolution in 2024.pdf
Danfoss NeoCharge Technology -A Revolution in 2024.pdfDanfoss NeoCharge Technology -A Revolution in 2024.pdf
Danfoss NeoCharge Technology -A Revolution in 2024.pdf
 
fundamentals of drawing and isometric and orthographic projection
fundamentals of drawing and isometric and orthographic projectionfundamentals of drawing and isometric and orthographic projection
fundamentals of drawing and isometric and orthographic projection
 
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
Sachpazis:Terzaghi Bearing Capacity Estimation in simple terms with Calculati...
 
Event Management System Vb Net Project Report.pdf
Event Management System Vb Net Project Report.pdfEvent Management System Vb Net Project Report.pdf
Event Management System Vb Net Project Report.pdf
 
Construction method of steel structure space frame .pptx
Construction method of steel structure space frame .pptxConstruction method of steel structure space frame .pptx
Construction method of steel structure space frame .pptx
 
shape functions of 1D and 2 D rectangular elements.pptx
shape functions of 1D and 2 D rectangular elements.pptxshape functions of 1D and 2 D rectangular elements.pptx
shape functions of 1D and 2 D rectangular elements.pptx
 
Architectural Portfolio Sean Lockwood
Architectural Portfolio Sean LockwoodArchitectural Portfolio Sean Lockwood
Architectural Portfolio Sean Lockwood
 
Final project report on grocery store management system..pdf
Final project report on grocery store management system..pdfFinal project report on grocery store management system..pdf
Final project report on grocery store management system..pdf
 
Fruit shop management system project report.pdf
Fruit shop management system project report.pdfFruit shop management system project report.pdf
Fruit shop management system project report.pdf
 
The Benefits and Techniques of Trenchless Pipe Repair.pdf
The Benefits and Techniques of Trenchless Pipe Repair.pdfThe Benefits and Techniques of Trenchless Pipe Repair.pdf
The Benefits and Techniques of Trenchless Pipe Repair.pdf
 
ASME IX(9) 2007 Full Version .pdf
ASME IX(9) 2007 Full Version .pdfASME IX(9) 2007 Full Version .pdf
ASME IX(9) 2007 Full Version .pdf
 
Toll tax management system project report..pdf
Toll tax management system project report..pdfToll tax management system project report..pdf
Toll tax management system project report..pdf
 
ENERGY STORAGE DEVICES INTRODUCTION UNIT-I
ENERGY STORAGE DEVICES INTRODUCTION UNIT-IENERGY STORAGE DEVICES INTRODUCTION UNIT-I
ENERGY STORAGE DEVICES INTRODUCTION UNIT-I
 
Digital Signal Processing Lecture notes n.pdf
Digital Signal Processing Lecture notes n.pdfDigital Signal Processing Lecture notes n.pdf
Digital Signal Processing Lecture notes n.pdf
 
Courier management system project report.pdf
Courier management system project report.pdfCourier management system project report.pdf
Courier management system project report.pdf
 
power quality voltage fluctuation UNIT - I.pptx
power quality voltage fluctuation UNIT - I.pptxpower quality voltage fluctuation UNIT - I.pptx
power quality voltage fluctuation UNIT - I.pptx
 
weather web application report.pdf
weather web application report.pdfweather web application report.pdf
weather web application report.pdf
 
Antenna efficency lecture course chapter 3.pdf
Antenna efficency lecture course chapter 3.pdfAntenna efficency lecture course chapter 3.pdf
Antenna efficency lecture course chapter 3.pdf
 
Democratizing Fuzzing at Scale by Abhishek Arya
Democratizing Fuzzing at Scale by Abhishek AryaDemocratizing Fuzzing at Scale by Abhishek Arya
Democratizing Fuzzing at Scale by Abhishek Arya
 
A CASE STUDY ON ONLINE TICKET BOOKING SYSTEM PROJECT.pdf
A CASE STUDY ON ONLINE TICKET BOOKING SYSTEM PROJECT.pdfA CASE STUDY ON ONLINE TICKET BOOKING SYSTEM PROJECT.pdf
A CASE STUDY ON ONLINE TICKET BOOKING SYSTEM PROJECT.pdf
 

Preventing Data Cloud Breaches with Zero Trust

  • 1. 1 Preventing Data Cloud Breaches with Zero Trust October 15, 2020 Poorna Udupi Chief Technology Officer Good Money Srini Vadlamani Chief Technology Officer, Co-Founder Cyral
  • 2. 2 Introductions Poorna Udupi Chief Technology Officer Good Money Srini Vadlamani Chief Technology Officer, Co-Founder Cyral
  • 3. 3 Agenda Data Cloud and Challenges in Securing It Common Attacker Tactics and Techniques Application of Zero Trust Architecture in Data Cloud Cyral’s Approach to Data Cloud Security Q&A
  • 4. What is Data Cloud? 4
  • 5. 5 Digital Growth Initiatives are Driving Adoption of the Data Cloud Exponential Data Growth • Footprint expansion • Heterogeneous workloads Data Democratization • Broad access to data • No single gateway Shadow Adoption • Developer-led design • Platform interoperability
  • 6. What are Some Common Security Challenges in the Data Cloud? 6
  • 7. 7 Transition to Cloud Requires Us to Rethink Security Secured by numerous established security vendors ?
  • 8. 8 Challenges with the Data Cloud LACK OF IDENTITY NO SUPPORT OF SAML/OIDC LACK OF VISIBILITY EXPENSIVE AND COMPLEX LACK OF ACCESS CONTROL USERS, APPS, TOOLS, SERVICES
  • 9. 9 Data Is at the Heart of Zero Trust DataPeople Devices Apps Workloads Visibility & Analytics Automation & Orchestration
  • 10. What Are Some Threat Tactics that Attackers Commonly Use? 10
  • 18. How Can Zero Trust Architecture Help Secure the Data Cloud? 18
  • 19. 19 Securing Data with Zero Trust Data Discovery and Classification Flow Mapping Risk Assessment Security Controls & Mitigation De-Identification Rights Management Data In-Use Protection Encryption and Tokenization Data Loss Prevention
  • 20. Intercept and record all signals from all data sources Understand true data footprint Enrich data activity logs with user context Deliver single log source with uniform logging syntax Integrate with all intersection points Prioritize IAM and SIEM/UEBA Introduce granular segmentation and least privilege Obfuscate any sensitive information 20 Key Steps to Zero Trust Observe Data Endpoints Understand Context Integrate with Security Program Manage Access 1 2 3 4
  • 21. How Does Cyral Approach Data Cloud Security? 21
  • 22. 22 Cyral: Security for the Data Cloud OBSERVE CONTROL PROTECT • Logs, metrics, traces • Shorter debugging cycle, MTTR • Faster audits, incident response • Enable SSO / MFA • Implement least privilege, SoD • Extend Zero Trust to data cloud • Alert or block threats • Enforce tenant security • Stop targeted data breaches
  • 23. 23 Cyral and Zero Trust Observe Data Endpoints Understand Context Manage Access Integrate with Security Program 1 2 3 4 Logs Full IAM Context Client/App Context Single Sign-On Segregation of Duties Least Privilege CI/CD integration Security Analytics Incident Response Metrics Traces
  • 24. 24 Cyral vs. Data Cloud Threats Exposed Data Endpoints Shared Credentials SQL Injections Recon Scans Plaintext Communication DB Password Spraying Trickle Exfiltration Alerting on suspicious and unauthorized access Integration with IAM providers Alerting on SQL injections Alerting on recon scans Encryption enforcement and bypass protection Alerting on password spraying Alerting on trickle exfiltration
  • 26. 26 Q&A Poorna Udupi Chief Technology Officer Good Money Srini Vadlamani Chief Technology Officer, Co-Founder Cyral