The DIGITIAL TRANSFORMATION has changed the IT Landscape
In the past, customers had to be primarily concerned about securing their on-premises environment
Today, data is stored and used across multiple-cloud providers, with an environment that has made sanctioned and unsanctioned pervasive to the enterprise
85% of enterprises have a multi-cloud strategy, meaning that they have deployments across multiple XaaS architectures, coupled with private-cloud environments mostly deployed on-premises
Up to 40% of IT spend is shadow IT - many of these application environments are delivering productivity gains to enterprises, but at what cost?
And, an average enterprise company today uses more than 1,000 SaaS applications
So the world is much more complicated - however, there are ways to get insight and control into this “new IT world order” where security, innovation and productivity can co-exist.
“By 2017 the CMO will spend more on IT than the CIO”
- Gartner (2012)
This is a map of marketing technology “martech” applications that CMO’s are purchasing today.
Talk about the impact to GDPR – lack of visibility around cloud supplier relationships..
Slide outcome: it’s impossible to know every app that’s out their, but users have a habit of finding them and using them!! – but they are generally trying to innovate, vs. be malicious.. – IT security needs to support business innovation – uncover shadow IT and bring it back under governance if it’s really required by the business..
Faced with an increasing number of apps and increasingly sophisticated threats, the humans become the common denominator. Where historically user may have been considered a liability, changing conditions require a new way of thinking about the solution.
Forcepoint believes understanding the human behavior at a deep level will help organizations remain secure.
How?
Customers are looking for two important things as they adopt the cloud:
Visibility into what their users are doing in the cloud. Users may be using cloud applications that have not been approved or vetted by IT or the security team. The use of these unsanctioned cloud applications can also be referred to as “Shadow IT”, and getting visibility in order to understand risk is key.
For the applications that are approved, ie: sanctioned by IT, customers need to be able to monitor and control them in order to protect their users and data
Discover unsanctioned [Shadow IT] applications and assess risk
Centrally assess and control users, data, and security policies
Unique real-time behavioral anomalies and user activity monitoring (Cloud UEBA)
Extend and support compliance mandates to cloud applications
Implement risk-based multi-factor authentication
Support for ANY cloud / web application whether API / Inline (proxy)
We offer flexibility and choice around deployment methods:
Cloud APIs: with Cloud API integration, our CASB portal can be set up to leverage the cloud application provider’s APIs in order to interact with the provider in question. This can happen very quickly – with a few clicks you can get going. Forcepoint CASB comes ready to interface with the cloud application provider’s API, out of the box. One thing to note: what you can do with this deployment option depends on the APIs that the cloud application provider makes available for use
Cloud Proxy: this means inline – which allows for full monitoring, blocking and alerting. Inline deployment is compatible and coexists with Forcepoint Web Security as well
These are some of the security use cases you’ll want to satisfy with regards to unsanctioned cloud applications
Visibility into Shadow IT: determining whether your users are using cloud applications that you don’t know about and whether or not sensitive company data now resides in these
Identify Risky Apps: you’ll want to know whether or not your users are using applications known to be risky / dangerous
Prevent Risky Usage: you’ll want to stop users from using these risky / dangerous apps
Identify Users in Risk: you’ll want to identify which users are exhibiting behaviors they should not be exhibiting, so that you can correct the issue
Quick refresher on CASB for those who are new or aren’t real familiar with the space – CASB, or Cloud Access Security Broker (Gartner term) is a category of security products PURPOSE BUILT FOR CLOUD. Designed to sit physically or logically between the cloud apps and the users accessing those cloud apps in order to provide visibility into the use of those cloud apps, and security control.
While organizations are in fact, using apps hosted in the cloud more and more, that does not mean they are that they want to outsource their security to the app provider. Importantly, CASB products provide centralized controls for cloud applications
New chargeable AP-DATA license which will sit alongside: AP-DATA Gateway; AP-DATA Discover and AP-ENDPOINT DLP
Extend DLP policies to files stored in Enterprise cloud platforms
Deployment in Azure and AWS
Integration using cloud native APIs
Prioritized scanning of new, edited and shared files
Comprehensive range of out-of-the-box remediation actions:
Scalable – on-board virtual scanning units without interrupting service provision.
Forcepoint CASB is widely deployed, and in use by some of the largest organizations across a wide variety of verticals. Customers range across pharma, tech, finance, healthcare, manufacturing, defense, media, internet…while the industries are all different, what they all have in common is they are transitioning their enterprise apps to the cloud – and they are looking for help to secure their users, their data and their apps in the cloud.