BE CLOUD CONFIDENT
A NEW APPROACH TO CLOUD ACCESS AND SECURITY
By 2020 85% of large enterprises will use a cloud access security broker to protect their operations
THE CHANGING THREAT LANDSCAPE
[Diagram: YESTERDAY vs. TODAY. Labels: Data Center, HQ, Branch Office, Remote Users, Mobile Users, VPN, Network Perimeter]
CYBERSECURITY MONTH – SOME FACTS
“74% of companies have abandoned traditional security policies and tech because they can’t be used effectively for the Cloud”
Source: The Evolution of Cloud Security Group
“80% of participants acknowledged their on-premises security policies, technologies and skills are more mature than those for cloud applications”
Source: The Evolution of Cloud Security Group
“A study by IBM Security found that the number of ransomware-infected emails increased 6,000 percent compared to 2015”
Source: Ransomware: how consumers and businesses value their data (IBM Security)
“95% of all attacks on enterprise networks are the result of successful spear phishing”
Source: Allen Paller, Director of Research
GDPR – KEY ARTICLES REGARDING DATA SECURITY
Article 25
• Privacy by Design
• Privacy by Default
• Organisational & Technical Strategies
Article 32
• Security of Data Processing
• Organisational & Technical Strategies
Article 33
• Notification of Personal Breach within 72 Hours
Article 34
• Communication of Personal Data Breach to the data subject
Article 35
• Data Protection Impact Assessment
• Include a description of measures to mitigate risks
GDPR – ARTICLE 32 – MINIMUM MEASURES
• Pseudonymizing or encrypting personal data
• Maintain Ongoing Confidentiality
• Restore Availability and Access to Personal Data
• Testing & Evaluating
GDPR – ARTICLE 32 – TECHNICAL STRATEGIES
• Data Discovery & Classification
• Data Loss Prevention
• Privileged User Monitoring
• Secure Audit Trail
• Sensitive Data Access Audit
• User rights management
THE SHADOW IT CHALLENGE
88
95% of the apps are unknown by IT
Most apps are not enterprise-ready
End user is the new perimeter
There are 22,000+ enterprise cloud apps today (and growing)
30% of data moving to unsanctioned cloud apps
1,000 apps discovered – on average
5%
75%
20%
Cloud Risk Assessment
EXECUTIVE SUMMARY
Cloud Usage Overview
• 1,378 Number of Cloud Based Applications
• Across 39 Application Categories
• 26% of your data moving to unsanctioned Applications
PCI Compliance
• 512 PCI Incidents
• 3 High severity incidents with files containing over 100 PCI Violations
Personal Information / EU GDPR
• 939 Apps that cannot erase your data
• 813 Apps with unclear data ownership
• 68% of Apps violating GDPR
Malware & Compromised Accounts
• 184 Compromised User Accounts
• 692 Malicious Sites Accessed by 138 Users
KEY FINDINGS FROM CLOUD RISK ASSESSMENT
• % of all Data uploaded goes to unsanctioned cloud apps: 30%
• Number Of Cloud Apps Discovered – 40% higher than industry average: 1,378
• Apps With Unclear Data Ownership – no longer owns the data: 813
• % Apps Non Enterprise Ready – Not meeting basic standards: 94.8%
• Percentage Of Apps violating GDPR: 68%
• Number Of Apps that cannot erase your data when you leave the service: 939
EXECUTIVE SUMMARY
Apps Discovered: 1,378
Users: 2,350
High Risk Apps: 173
High Risk Users: 29
94% Of Apps Are Not Enterprise Ready
APPS BY Cloud Confidence Level
TOP STORAGE BY TOTAL BYTES
App, Total Bytes, Risk
WeTransfer, 135GB, H
iCloud, 28GB, H
Office 365 OneDrive, 25GB, L
Google Drive, 3GB, L
Live OneDrive, 1GB, L
CLOUD APP USAGE SUMMARY
Usage Summary
Number of App Categories: 39
Total Data Movement: 1.6TB
Total Uploads: 350GB
Total Downloads: 1.3TB
Data Movement in High Risk Apps: 365GB
TOP EXPOSURES
Exposure or Risk Item
Potentially Compromised Accounts: 184
Date of Last Compromise: 09/02/16
Non Enterprise Ready Apps: 1,335
CONCERNS AND RECOMMENDATIONS
Concern: PII GDPR
Recommendation: Evaluate data being stored in apps that do not meet GDPR requirements for data ownership
Concern: Unsanctioned Apps
Recommendation: Adopt policy to evaluate unsanctioned apps and monitor data movement
Concern: Data Leakage
Recommendation: Implement DLP policy across all applications to protect sensitive data
CLOUD APP USAGE SUMMARY
1855
141
126
855
excellent
high
low
medium
poor
Unsanctioned and blocked
DISCOVERY IS ONE OF THE FOUR KEY STAGES OF AN OVERALL CLOUD SECURITY STRATEGY
1. Continuously discover cloud services and assess risk
2. Block the most risky services and coach users to use alternatives
• Block risky services
• Coach users
3. Safely enable cloud services you have sanctioned
• Apply adaptive access control
• Implement granular policies
• Prevent data loss
• Protect against threats
• Encrypt when necessary
4. Safely permit unsanctioned, yet necessary, cloud services
• Identify ecosystems, non-corporate instances, and create category-level and context-based policies
• Block risky activities
• Skipping this step may lead to user revolt and a decrease in productivity
Unsanctioned and permitted
Sanctioned
Discovered, Blocked, Sanctioned, Safely Permitted
WITHOUT STRONG CLOUD SECURITY
1,249 Apps incl.
CLOUD STORAGE: 25 APPS
Box, Dropbox, OneDrive, GDrive, WeTransfer, Egnyte, ShareFile …
HUMAN RESOURCES: 44 APPS
iCIMS, Taleo, SuccessFactors, Cornerstone, OnDemand …
COLLABORATION: 72 APPS
WebEx, GoToMeeting, Blue Jeans, Join.me, Lync …
FINANCE: 65 APPS
Authorize.net, Zuora, Intuit, Concur, Expensify …
THE COST OF FAILING TO SECURE YOUR CLOUD
DATA BREACHES
FAILED AUDITS
LOSS/THEFT OF INTELLECTUAL PROPERTY, SENSITIVE DATA
• Reputational damage
• Regulatory breaches
• Fines and penalties
• Business disruption
• Lost profits
• Customer confidence
MAX FINE UNDER NEW EU DATA RULES:
4% of global turnover or €20m - whichever is greater
ALIGNED TO GARTNER’S DEFINITION OF A CASB
By 2020 85% of Enterprises will deploy the services of a Cloud Access Security Broker.
Gartner define a CASB as being able to provide the following:
• VISIBILITY (Discover): 100% coverage for all cloud traffic
• COMPLIANCE (Aware): Understand, report and control app usage
• DATA SECURITY (Comply): Enterprise-class DLP enforced with context for all apps
• THREAT PROTECTION (Confidence): Advanced threat protection built for the cloud
Every cloud cloud risk assessment 2018

  • 1. BE CLOUD CONFIDENT A NEW APPROACH TO CLOUD ACCESS AND SECURITY
  • 2. By 2020 85% of large enterprises will use a cloud access security broker to protect their operations
  • 3. v THE CHANGING THREAT LANDSCAPE 3 Data Center YESTERDAY TODAY Mobile Users Branch Office HQ Remote Users VPN HQ Branch Office Data Center Remote Users VPN NetworkPerimeter
  • 4. v CYBERSECURITY MONTH – SOME FACTS “74%of companies have abandoned traditional security policies and tech because they can’t be used effectively for the Cloud” Source: The Evolution of Cloud Security Group “80%of participants acknowledged their on-premises security policies, technologies and skills are more mature than those for cloud applications” Source: The Evolution of Cloud Security Group “A study by IBMSecurity found that the number of ransomware-infected emails increased 6,000 percent compared to 2015” Source: Ransomware: how consumers and businesses value there data (IBM Security) “95%of all attacks on enterprise networks are the result of successful spear phishing” Source: Allen Paller, Director of Research
  • 5. GDPR – KEY ARTICLES REGARDING DATA SECURITY: Article 25: Privacy by Design; Privacy by Default; Organisational & Technical Strategies. Article 32: Security of Data Processing; Organisational & Technical Strategies. Article 33: Notification of Personal Breach within 72 Hours. Article 34: Communication of Personal Data Breach to the data subject. Article 35: Data Protection Impact Assessment; Include a description of measures to mitigate risks
  • 6. GDPR – ARTICLE 32 – MINIMUM MEASURES: Pseudonymizing or encrypting personal data; Maintain Ongoing Confidentiality; Restore Availability and Access to Personal Data; Testing & Evaluating
  • 7. GDPR – ARTICLE 32 – TECHNICAL STRATEGIES: Data Discovery & Classification; Data Loss Prevention; Privileged User Monitoring; Secure Audit Trail; Sensitive Data Access Audit; User rights management
  • 8. THE SHADOW IT CHALLENGE: 88 30 % 95% of the apps are unknown by IT. Most apps are not enterprise-ready. End user is the new perimeter. There are 22,000+ enterprise cloud apps today (and growing). % of data moving to unsanctioned cloud apps. 1,000 apps discovered on average. 5% 75% 20%
  • 10. EXECUTIVE SUMMARY. Cloud Usage Overview: 1,378 Number of Cloud Based Applications; Across 39 Application Categories; 26% of your data moving to unsanctioned Applications. PCI Compliance: 512 PCI Incidents; 3 High severity incidents with files containing over 100 PCI Violations. Personal Information / EU GDPR: 939 Apps that cannot erase your data; 813 Apps with unclear data ownership; 68% of Apps violating GDPR. Malware & Compromised Accounts: 184 Compromised User Accounts; 692 Malicious Sites Accessed by 138 Users
  • 11. KEY FINDINGS FROM CLOUD RISK ASSESSMENT: 30% of all data uploaded goes to unsanctioned cloud apps; 1,378 cloud apps discovered (40% higher than industry average); 813 apps with unclear data ownership (no longer owns the data); 94.8% of apps non-enterprise-ready (not meeting basic standards); 68% of apps violating GDPR; 939 apps that cannot erase your data when you leave the service
  • 12. EXECUTIVE SUMMARY: 1,378 Apps Discovered; 2,350 Users; 173 High Risk Apps; 29 High Risk Users. 94% of apps are not enterprise ready. TOP STORAGE BY TOTAL BYTES (App, Total Bytes, Risk): WeTransfer, 135GB, H; iCloud, 28GB, H; Office 365 OneDrive, 25GB, L; Google Drive, 3GB, L; Live OneDrive, 1GB, L. CLOUD APP USAGE SUMMARY: Number of App Categories 39; Total Data Movement 1.6TB; Total Uploads 350GB; Total Downloads 1.3TB; Data Movement in High Risk Apps 365GB. TOP EXPOSURES: Potentially Compromised Accounts 184; Date of Last Compromise 09/02/16; Non Enterprise Ready Apps 1,335. CONCERNS AND RECOMMENDATIONS (Concern: Recommendation): PII GDPR: Evaluate data being stored in apps that do not meet GDPR requirements for data ownership. Unsanctioned Apps: Adopt policy to evaluate unsanctioned apps and monitor data movement. Data Leakage: Implement DLP policy across all applications to protect sensitive data. APPS BY CLOUD CONFIDENCE LEVEL (chart): 1855 141 126 855; excellent, high, low, medium, poor
  • 13. DISCOVERY IS ONE OF THE FOUR KEY STAGES OF AN OVERALL CLOUD SECURITY STRATEGY: 1. Continuously discover cloud services and assess risk. 2. Block the most risky services and coach users to use alternatives (Block risky services; Coach users). 3. Safely enable cloud services you have sanctioned (Apply adaptive access control; Implement granular policies; Prevent data loss; Protect against threats; Encrypt when necessary). 4. Safely permit unsanctioned, yet necessary, cloud services (Identify ecosystems, non-corporate instances, and create category-level and context-based policies; Block risky activities). Skipping this step may lead to user revolt and a decrease in productivity. Diagram labels: Unsanctioned and blocked; Unsanctioned and permitted; Sanctioned; Discovered; Blocked; Sanctioned; Safely Permitted
  • 14. WITHOUT STRONG CLOUD SECURITY: 1,249 Apps incl. CLOUD STORAGE: 25 APPS (Box, Dropbox, OneDrive, GDrive, WeTransfer, Egnyte, ShareFile …); HUMAN RESOURCES: 44 APPS (iCIMS, Taleo, SuccessFactors, Cornerstone, OnDemand …); COLLABORATION: 72 APPS (WebEx, GoToMeeting, Blue Jeans, Join.me, Lync …); FINANCE: 65 APPS (Authorize.net, Zuora, Intuit, Concur, Expensify …)
  • 15. THE COST OF FAILING TO SECURE YOUR CLOUD: DATA BREACHES; FAILED AUDITS; LOSS/THEFT OF INTELLECTUAL PROPERTY, SENSITIVE DATA. Consequences: Reputational damage; Regulatory breaches; Fines and penalties; Business disruption; Lost profits; Customer confidence. MAX FINE UNDER NEW EU DATA RULES: 4% of global turnover or €20m - whichever is greater
  • 16. ALIGNED TO GARTNER’S DEFINITION OF A CASB: By 2020 85% of Enterprises will deploy the services of a Cloud Access Security Broker. Gartner define a CASB as being able to provide the following: VISIBILITY (Discover): 100% coverage for all cloud traffic. COMPLIANCE (Aware): Understand, report and control app usage. DATA SECURITY (Comply): Enterprise-class DLP enforced with context for all apps. THREAT PROTECTION (Confidence): Advanced threat protection built for the cloud
  • 17. BE CLOUD CONFIDENT A NEW APPROACH TO CLOUD ACCESS AND SECURITY