SlideShare uma empresa Scribd logo

Xylos Clients Day - Public cloud and security go hand in hand, if you approach it properly!

Karim Vaes
Karim Vaes

https://www.xylos.com/en/corporate/events/explore-new-digital-ways Public cloud and security go hand in hand, if you approach it properly The cloud is already being well used, but lots of organisations still have questions about its security. Is data protection in the cloud really optimal, or is this uncertainty justified? In this breakout session we look at the main concerns we hear from our customers. Can we build a perimeter around cloud applications? Which sectors or scenarios are not suitable for the cloud, and where in particular is it recommended? How do I get to grips with ‘shadow IT’? Do I have to manage things myself in the cloud? Does the public cloud satisfy the strictest security requirements? And what's the most secure authentication? Data protection isn't just limited to firewalls or intrusion systems, after all. The key lies in having a comprehensive security policy, and in this session we zoom in on the major components and challenges. Speaker: Karim Vaes, Solution Architect, Xylos

Internet
1 de 83
“Should I worry?!?” Security & Cloud
Whoami || $env:username Cloud Solution Architect https://about.kvaes.be @kvaes https://blog.kvaes.be
Agenda Setting the scene Security Basics Focus on People & Security Cloud Access Security Broker (demo) Recap
Cybersecurity used to mean building a bigger moat and a bigger wall Source : http://www.boomsbeat.com/articles/2824/20140416/an-interesting-look-at-the-ancient-city-walls-of-dubrovnik-photos.htm
So we built a secure perimeter within a secure perimeterSource : http://files.terramartour.com/010_PAIS_FOTO/07_FRANCE/Carcassonne/
Source : http://robotmonkeys.net/2010/12/18/the-facebook-map/
Assume breach! Source : http://www.matthewpemmott.co.uk/2013/05/scarborough-castle-king-johns-curtain.html
Security Basics
Pizza-as-a-Service
Secured Pizza Data Classification & Accountability Client & End-Point Protection Identity & Access Management Application Level Controls Network Controls Host Infrastructure Physical Security
What does EU GDPR mean in less than one minute? though penalties : fines up to of annual global revenue whichever is greater! 4% or €20 million The regulation also applies to non-EU companies that process personal data of individuals in the EU. The European “General Data Protection Regulation” will increase privacy for individuals and give regulatory authorities greater powers to take action against businesses that breach the new laws. Here is what it means to your business : Privacy first or face
4% fine $187.215.200 = Security is NOT optional (anymore)!
Compliancy Certifications & Programs
In the end, it’s about people... ?
Xylos Security Approach IT ENVIRONMENT !
Is the practice of shadow IT bad? IT says YES! Business says NO!
Looks kinda like? • User chooses apps (unsanctioned, shadow IT) • User can access resources from anywhere • Data is shared by user and cloud apps • IT has limited visibility and protection • Only sanctioned apps are installed • Resources accessed via managed devices/networks • IT had layers of defense protecting internal apps • IT has a known security perimeter On-premises Storage, corp data Users
No easy puzzle… Data Protection How do I know what apps are used in my environment? Shadow IT How do I ensure appropriate access to my cloud apps? Access control Visibility/reporting How do I gain visibility into cloud apps and usage? How do I prevent data leakage? Data protection Threat prevention How do I know if my users have been breached? How do I address regulatory mandates? Compliance
The DNA of the IT landscape Employees Business partners Customers Apps DevicesGreat People Data
How to protect my organization? Identity and access management Mobile device and app management Information protection User and entity behavioral analytics Cloud Access Security Broker Bring enterprise-grade visibility, control, and protection to your cloud applications.
Identity & Access Management One Person = Single Identity For one million+ applications Source : Forbes top cloud applications
Identity & Access Management Windows 10 Configuration Purpose Ownership Windows Devices PC/Tablets/Mobile/etc. Personal Fun MSA Sign-in Fun + some work (BYOD) Add a Work Account Organizational Work Domain Join Azure AD Join karim.vaes@xylos.com Organizational Account karim@kvaes.be Microsoft Account XYLOSkarimvaes Domain Account karim.vaes@xylos.com Organizational Account One Person = Single Identity
Persistent protection Storage independent solution Permit all companies to authenticate Authorization policies are enforced Powerful logging for reporting End user use/abuse tracking Ability to remote kill documents Enable IT to reason over data Tracking and compliance Works across all platforms Free content consumption Consistent user experience Integrated into common apps/services Ease of use Information Protection <you> need to share <file types> between yourself and partners, suppliers, dealers, representatives, etc.
aEZQAR]ibr{qU @M]BXNoHp9nMD AtnBfrfC;jx+T g@XL2,Jzu ()&(*7812(*: Use Rights + Secret cola formula Water Sugar Brown #16 Protect Unprotect Usage rights and symmetric key stored in file as ‘license’ Each file is protected by a unique AES symmetric License protected by customer-owned RSA key Water Sugar Brown #16 Information Protection
Cloud Access Security Broker Discovery Gain complete visibility and context for cloud usage and shadow IT—no agents required Data control Shape your cloud environment with granular controls and policy setting for access, data sharing, and DLP Threat protection Identify high-risk usage and security incidents, detect abnormal user behavior, and prevent threats
Cloud Access Security Broker Discovery • Use traffic logs to discover and analyze which cloud apps are in use • Manually or automatically upload log files for analysis from your firewalls and proxies Sanctioning and un-sanctioning • Sanction or block apps in your organization using the cloud app catalog App connectors • Leverage APIs provided by various cloud app providers • Connect an app and extend protection by authorizing access to the app. Cloud App Security queries the app for activity logs and scans data, accounts, and cloud content App connectors Cloud discovery Protected Cloud apps Cloud traffic Cloud traffic logs Firewalls Proxies Your organization from any location API Cloud App Security
Mobile device & Application Mgmt Information Protection Protect your users, devices, and apps Detect problems early with visibility and threat analytics Protect your data, everywhere Extend enterprise-grade security to your cloud and SaaS apps Manage identity with hybrid integration to protect application access from identity attacks User & Behaviour Analytics Cloud Access Security Broker Identity & Access Management What does this tie together?
Cloud App Security
• Discover 13,000+ cloud apps in use—no agents required • Identify all users, IP addresses, top apps, top users Shadow IT discovery Risk scoring • Get an automated risk score driven by 60+ parameters • See each app’s risk assessment based on its security mechanisms and compliance regulations • Ongoing risk detection, powerful reporting, and analytics on users, usage patterns, upload/download traffic, and transactions • Ongoing anomaly detection for discovered apps Ongoing analytics Discovery
DLP and data sharingPolicy definition • Set granular-control security policies for your approved apps • Use out-of-the-box policies or customize your own • Prevent data loss both inline and at rest • Govern data in the cloud, such as files stored in cloud drives, attachments, or within cloud apps • Use pre-defined templates or extend existing DLP policies Policy enforcement • Identify policy violations, investigate on a user, file, activity level • Enforce actions such as quarantine and permissions removal • Block sensitive transactions, limit sessions for unmanaged devices Data Control
• Identify anomalies in your cloud environment which may be indicative of a breach • Leverage behavioral analytics (each user’s interaction with SaaS apps) to assess risk in each transaction Behavioral analytics Attack detection • Identify and stop known attack pattern activities originating from risky sources with threat prevention enhanced with vast Microsoft threat intelligence • Coming soon: send any file through real- time behavioral malware analysis Threat Prevention
Cloud App Security
Cloud App Security
Source : http://imgur.com/gallery/DRMZasu Your organization is not an island!
Shared Risks Data Classification & Accountability Client & End-Point Protection Identity & Access Management Application Level Controls Network Controls Host Infrastructure Physical Security
Xylos Security Approach IT ENVIRONMENT !
Xylos Clients Day - Public cloud and security go hand in hand, if you approach it properly!
Xylos Clients Day - Public cloud and security go hand in hand, if you approach it properly!

Recomendados

Trust in the mobile internet of things
Trust in the mobile internet of thingsTrust in the mobile internet of things
Trust in the mobile internet of thingsAntonio Gonzalo
 
Spe security and privacy enhancement framework for mobile devices
Spe security and privacy enhancement framework for mobile devicesSpe security and privacy enhancement framework for mobile devices
Spe security and privacy enhancement framework for mobile devicesLeMeniz Infotech
 
Security 2 Q 07[1]
Security 2 Q 07[1]Security 2 Q 07[1]
Security 2 Q 07[1]Sharpe Smith
 
4192 sslvpn sb_0412
4192 sslvpn sb_04124192 sslvpn sb_0412
4192 sslvpn sb_0412Hai Nguyen
 
Securing the network perimeter
Securing the network perimeterSecuring the network perimeter
Securing the network perimeterinfra-si
 
Cybersecurity
CybersecurityCybersecurity
CybersecurityNational LECET
 
Identity-Defined Privacay & Security for Internet of Things
Identity-Defined Privacay & Security for Internet of ThingsIdentity-Defined Privacay & Security for Internet of Things
Identity-Defined Privacay & Security for Internet of ThingsPing Identity
 
Microsoft Intelligent Communications - Skype and Teams with Office 365
Microsoft Intelligent Communications - Skype and Teams with Office 365Microsoft Intelligent Communications - Skype and Teams with Office 365
Microsoft Intelligent Communications - Skype and Teams with Office 365David J Rosenthal
 

Recomendados

Trust in the mobile internet of things
Trust in the mobile internet of thingsTrust in the mobile internet of things
Trust in the mobile internet of thingsAntonio Gonzalo
 
Spe security and privacy enhancement framework for mobile devices
Spe security and privacy enhancement framework for mobile devicesSpe security and privacy enhancement framework for mobile devices
Spe security and privacy enhancement framework for mobile devicesLeMeniz Infotech
 
Security 2 Q 07[1]
Security 2 Q 07[1]Security 2 Q 07[1]
Security 2 Q 07[1]Sharpe Smith
 
4192 sslvpn sb_0412
4192 sslvpn sb_04124192 sslvpn sb_0412
4192 sslvpn sb_0412Hai Nguyen
 
Securing the network perimeter
Securing the network perimeterSecuring the network perimeter
Securing the network perimeterinfra-si
 
Cybersecurity
CybersecurityCybersecurity
CybersecurityNational LECET
 
Identity-Defined Privacay & Security for Internet of Things
Identity-Defined Privacay & Security for Internet of ThingsIdentity-Defined Privacay & Security for Internet of Things
Identity-Defined Privacay & Security for Internet of ThingsPing Identity
 
Microsoft Intelligent Communications - Skype and Teams with Office 365
Microsoft Intelligent Communications - Skype and Teams with Office 365Microsoft Intelligent Communications - Skype and Teams with Office 365
Microsoft Intelligent Communications - Skype and Teams with Office 365David J Rosenthal
 
MIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the CloudMIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the CloudKumar Goud
 
Extending applications securely to wireless health workers.
Extending applications securely to wireless health workers.Extending applications securely to wireless health workers.
Extending applications securely to wireless health workers.Wheatstone
 
การสร้างเกราะป้องกันภัยคุกคาม ต่อข้อมูลความเป็นส่วนบุคคลในองค์กร
การสร้างเกราะป้องกันภัยคุกคาม ต่อข้อมูลความเป็นส่วนบุคคลในองค์กรการสร้างเกราะป้องกันภัยคุกคาม ต่อข้อมูลความเป็นส่วนบุคคลในองค์กร
การสร้างเกราะป้องกันภัยคุกคาม ต่อข้อมูลความเป็นส่วนบุคคลในองค์กรSoftware Park Thailand
 
How to deal with the impact of digital transformation on networks
How to deal with the impact of digital transformation on networks How to deal with the impact of digital transformation on networks
How to deal with the impact of digital transformation on networks Abaram Network Solutions
 
[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...
[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...
[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...CODE BLUE
 
Hirsch Identive | White Paper | Securing the Enterprise in a Networked World
Hirsch Identive | White Paper | Securing the Enterprise in a Networked WorldHirsch Identive | White Paper | Securing the Enterprise in a Networked World
Hirsch Identive | White Paper | Securing the Enterprise in a Networked WorldIdentive
 
Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2SHOLOVE INTERNATIONAL LLC
 
Clear and Present Danger
Clear and Present DangerClear and Present Danger
Clear and Present DangerPing Identity
 
Cloud Insecurity and True Accountability - Guardtime Whitepaper
Cloud Insecurity and True Accountability - Guardtime WhitepaperCloud Insecurity and True Accountability - Guardtime Whitepaper
Cloud Insecurity and True Accountability - Guardtime WhitepaperMartin Ruubel
 
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKCYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKMaganathin Veeraragaloo
 
Alpha & Omega's Managed Security
Alpha & Omega's Managed SecurityAlpha & Omega's Managed Security
Alpha & Omega's Managed SecurityDarryl Santa
 
KSI for IoT Security - Turning Defence Into Offence - Guardtime Whitepaper
KSI for IoT Security - Turning Defence Into Offence - Guardtime WhitepaperKSI for IoT Security - Turning Defence Into Offence - Guardtime Whitepaper
KSI for IoT Security - Turning Defence Into Offence - Guardtime WhitepaperMartin Ruubel
 
Attacking the cloud with social engineering
Attacking the cloud with social engineeringAttacking the cloud with social engineering
Attacking the cloud with social engineeringPeter Wood
 
SecurityWhitepaper 7-1-2015
SecurityWhitepaper 7-1-2015SecurityWhitepaper 7-1-2015
SecurityWhitepaper 7-1-2015Francisco Anes
 
Finding Your Lost Keys
Finding Your Lost KeysFinding Your Lost Keys
Finding Your Lost Keystrueidentity
 
Presentation by Seclore Technologies at Zensar #TechShowcase. An iSPIRT Produ...
Presentation by Seclore Technologies at Zensar #TechShowcase. An iSPIRT Produ...Presentation by Seclore Technologies at Zensar #TechShowcase. An iSPIRT Produ...
Presentation by Seclore Technologies at Zensar #TechShowcase. An iSPIRT Produ...ProductNation/iSPIRT
 
IT vs. Users? How Law Firms Can Maximize Security While Granting Access to th...
IT vs. Users? How Law Firms Can Maximize Security While Granting Access to th...IT vs. Users? How Law Firms Can Maximize Security While Granting Access to th...
IT vs. Users? How Law Firms Can Maximize Security While Granting Access to th...Authentic8
 
Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)Peter Wood
 
New Approaches to Security and Availability for Cloud Data
New Approaches to Security and Availability for Cloud DataNew Approaches to Security and Availability for Cloud Data
New Approaches to Security and Availability for Cloud DataEMC
 
Odoo iot box integration
Odoo iot box integrationOdoo iot box integration
Odoo iot box integrationCeline George
 
Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security Kjetil Lund-Paulsen
 
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + SecurityGet Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + SecurityDavid J Rosenthal
 

Mais conteúdo relacionado

Mais procurados

MIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the CloudMIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the CloudKumar Goud
 
Extending applications securely to wireless health workers.
Extending applications securely to wireless health workers.Extending applications securely to wireless health workers.
Extending applications securely to wireless health workers.Wheatstone
 
การสร้างเกราะป้องกันภัยคุกคาม ต่อข้อมูลความเป็นส่วนบุคคลในองค์กร
การสร้างเกราะป้องกันภัยคุกคาม ต่อข้อมูลความเป็นส่วนบุคคลในองค์กรการสร้างเกราะป้องกันภัยคุกคาม ต่อข้อมูลความเป็นส่วนบุคคลในองค์กร
การสร้างเกราะป้องกันภัยคุกคาม ต่อข้อมูลความเป็นส่วนบุคคลในองค์กรSoftware Park Thailand
 
How to deal with the impact of digital transformation on networks
How to deal with the impact of digital transformation on networks How to deal with the impact of digital transformation on networks
How to deal with the impact of digital transformation on networks Abaram Network Solutions
 
[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...
[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...
[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...CODE BLUE
 
Hirsch Identive | White Paper | Securing the Enterprise in a Networked World
Hirsch Identive | White Paper | Securing the Enterprise in a Networked WorldHirsch Identive | White Paper | Securing the Enterprise in a Networked World
Hirsch Identive | White Paper | Securing the Enterprise in a Networked WorldIdentive
 
Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2SHOLOVE INTERNATIONAL LLC
 
Clear and Present Danger
Clear and Present DangerClear and Present Danger
Clear and Present DangerPing Identity
 
Cloud Insecurity and True Accountability - Guardtime Whitepaper
Cloud Insecurity and True Accountability - Guardtime WhitepaperCloud Insecurity and True Accountability - Guardtime Whitepaper
Cloud Insecurity and True Accountability - Guardtime WhitepaperMartin Ruubel
 
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKCYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKMaganathin Veeraragaloo
 
Alpha & Omega's Managed Security
Alpha & Omega's Managed SecurityAlpha & Omega's Managed Security
Alpha & Omega's Managed SecurityDarryl Santa
 
KSI for IoT Security - Turning Defence Into Offence - Guardtime Whitepaper
KSI for IoT Security - Turning Defence Into Offence - Guardtime WhitepaperKSI for IoT Security - Turning Defence Into Offence - Guardtime Whitepaper
KSI for IoT Security - Turning Defence Into Offence - Guardtime WhitepaperMartin Ruubel
 
Attacking the cloud with social engineering
Attacking the cloud with social engineeringAttacking the cloud with social engineering
Attacking the cloud with social engineeringPeter Wood
 
SecurityWhitepaper 7-1-2015
SecurityWhitepaper 7-1-2015SecurityWhitepaper 7-1-2015
SecurityWhitepaper 7-1-2015Francisco Anes
 
Finding Your Lost Keys
Finding Your Lost KeysFinding Your Lost Keys
Finding Your Lost Keystrueidentity
 
Presentation by Seclore Technologies at Zensar #TechShowcase. An iSPIRT Produ...
Presentation by Seclore Technologies at Zensar #TechShowcase. An iSPIRT Produ...Presentation by Seclore Technologies at Zensar #TechShowcase. An iSPIRT Produ...
Presentation by Seclore Technologies at Zensar #TechShowcase. An iSPIRT Produ...ProductNation/iSPIRT
 
IT vs. Users? How Law Firms Can Maximize Security While Granting Access to th...
IT vs. Users? How Law Firms Can Maximize Security While Granting Access to th...IT vs. Users? How Law Firms Can Maximize Security While Granting Access to th...
IT vs. Users? How Law Firms Can Maximize Security While Granting Access to th...Authentic8
 
Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)Peter Wood
 
New Approaches to Security and Availability for Cloud Data
New Approaches to Security and Availability for Cloud DataNew Approaches to Security and Availability for Cloud Data
New Approaches to Security and Availability for Cloud DataEMC
 
Odoo iot box integration
Odoo iot box integrationOdoo iot box integration
Odoo iot box integrationCeline George
 

Mais procurados (20)

MIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the CloudMIST Effective Masquerade Attack Detection in the Cloud
MIST Effective Masquerade Attack Detection in the Cloud
 
Extending applications securely to wireless health workers.
Extending applications securely to wireless health workers.Extending applications securely to wireless health workers.
Extending applications securely to wireless health workers.
 
การสร้างเกราะป้องกันภัยคุกคาม ต่อข้อมูลความเป็นส่วนบุคคลในองค์กร
การสร้างเกราะป้องกันภัยคุกคาม ต่อข้อมูลความเป็นส่วนบุคคลในองค์กรการสร้างเกราะป้องกันภัยคุกคาม ต่อข้อมูลความเป็นส่วนบุคคลในองค์กร
การสร้างเกราะป้องกันภัยคุกคาม ต่อข้อมูลความเป็นส่วนบุคคลในองค์กร
 
How to deal with the impact of digital transformation on networks
How to deal with the impact of digital transformation on networks How to deal with the impact of digital transformation on networks
How to deal with the impact of digital transformation on networks
 
[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...
[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...
[CB21] Keynote1:Shaking the Cybersecurity Kaleidoscope – An Immersive Look in...
 
Hirsch Identive | White Paper | Securing the Enterprise in a Networked World
Hirsch Identive | White Paper | Securing the Enterprise in a Networked WorldHirsch Identive | White Paper | Securing the Enterprise in a Networked World
Hirsch Identive | White Paper | Securing the Enterprise in a Networked World
 
Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2
 
Clear and Present Danger
Clear and Present DangerClear and Present Danger
Clear and Present Danger
 
Cloud Insecurity and True Accountability - Guardtime Whitepaper
Cloud Insecurity and True Accountability - Guardtime WhitepaperCloud Insecurity and True Accountability - Guardtime Whitepaper
Cloud Insecurity and True Accountability - Guardtime Whitepaper
 
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORKCYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
CYBERSECURITY MESH - DIGITAL TRUST FRAMEWORK
 
Alpha & Omega's Managed Security
Alpha & Omega's Managed SecurityAlpha & Omega's Managed Security
Alpha & Omega's Managed Security
 
KSI for IoT Security - Turning Defence Into Offence - Guardtime Whitepaper
KSI for IoT Security - Turning Defence Into Offence - Guardtime WhitepaperKSI for IoT Security - Turning Defence Into Offence - Guardtime Whitepaper
KSI for IoT Security - Turning Defence Into Offence - Guardtime Whitepaper
 
Attacking the cloud with social engineering
Attacking the cloud with social engineeringAttacking the cloud with social engineering
Attacking the cloud with social engineering
 
SecurityWhitepaper 7-1-2015
SecurityWhitepaper 7-1-2015SecurityWhitepaper 7-1-2015
SecurityWhitepaper 7-1-2015
 
Finding Your Lost Keys
Finding Your Lost KeysFinding Your Lost Keys
Finding Your Lost Keys
 
Presentation by Seclore Technologies at Zensar #TechShowcase. An iSPIRT Produ...
Presentation by Seclore Technologies at Zensar #TechShowcase. An iSPIRT Produ...Presentation by Seclore Technologies at Zensar #TechShowcase. An iSPIRT Produ...
Presentation by Seclore Technologies at Zensar #TechShowcase. An iSPIRT Produ...
 
IT vs. Users? How Law Firms Can Maximize Security While Granting Access to th...
IT vs. Users? How Law Firms Can Maximize Security While Granting Access to th...IT vs. Users? How Law Firms Can Maximize Security While Granting Access to th...
IT vs. Users? How Law Firms Can Maximize Security While Granting Access to th...
 
Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)Big Data and Security - Where are we now? (2015)
Big Data and Security - Where are we now? (2015)
 
New Approaches to Security and Availability for Cloud Data
New Approaches to Security and Availability for Cloud DataNew Approaches to Security and Availability for Cloud Data
New Approaches to Security and Availability for Cloud Data
 
Odoo iot box integration
Odoo iot box integrationOdoo iot box integration
Odoo iot box integration
 

Semelhante a Xylos Clients Day - Public cloud and security go hand in hand, if you approach it properly!

Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security Kjetil Lund-Paulsen
 
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + SecurityGet Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + SecurityDavid J Rosenthal
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A ServiceOlav Tvedt
 
Techorama - Shadow IT with Cloud Apps
Techorama - Shadow IT with Cloud AppsTechorama - Shadow IT with Cloud Apps
Techorama - Shadow IT with Cloud AppsDavid De Vos
 
Mobile Security for the Enterprise
Mobile Security for the EnterpriseMobile Security for the Enterprise
Mobile Security for the EnterpriseWill Adams
 
Identity-Driven Security with Forsyte I.T. Solutions - Demos and Discovery
Identity-Driven Security with Forsyte I.T. Solutions - Demos and DiscoveryIdentity-Driven Security with Forsyte I.T. Solutions - Demos and Discovery
Identity-Driven Security with Forsyte I.T. Solutions - Demos and DiscoveryForsyte I.T. Solutions
 
Microsoft Cloud Application Security Overview
Microsoft Cloud Application Security Overview Microsoft Cloud Application Security Overview
Microsoft Cloud Application Security Overview Syed Sabhi Haider
 
Securing your Organization with Microsoft 365
Securing your Organization with Microsoft 365Securing your Organization with Microsoft 365
Securing your Organization with Microsoft 365Ravikumar Sathyamurthy
 
Power Saturday 2019 E1 - Office 365 security
Power Saturday 2019 E1 - Office 365 securityPower Saturday 2019 E1 - Office 365 security
Power Saturday 2019 E1 - Office 365 securityPowerSaturdayParis
 
Microsoft Enterprise Mobility and Security EMS
Microsoft Enterprise Mobility and Security EMSMicrosoft Enterprise Mobility and Security EMS
Microsoft Enterprise Mobility and Security EMSDavid J Rosenthal
 
The 15 best cloud security practices
The 15 best cloud security practices The 15 best cloud security practices
The 15 best cloud security practices Cloudride LTD
 
Cloud App Security Customer Presentation.pdf
Cloud App Security Customer Presentation.pdfCloud App Security Customer Presentation.pdf
Cloud App Security Customer Presentation.pdfErikHof4
 
B2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam LevithanB2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam LevithanSPS Paris
 
Steven Porter Seville | Ideas about Computer clouding
Steven Porter Seville | Ideas about Computer cloudingSteven Porter Seville | Ideas about Computer clouding
Steven Porter Seville | Ideas about Computer clouding'Self-Employed'
 
Softchoice & Microsoft: Public Cloud Security Webinar
Softchoice & Microsoft: Public Cloud Security WebinarSoftchoice & Microsoft: Public Cloud Security Webinar
Softchoice & Microsoft: Public Cloud Security WebinarSoftchoice Corporation
 
Maximize your cloud app control with Microsoft MCAS and Zscaler
Maximize your cloud app control with Microsoft MCAS and ZscalerMaximize your cloud app control with Microsoft MCAS and Zscaler
Maximize your cloud app control with Microsoft MCAS and ZscalerZscaler
 
Maximize your cloud app control with Microsoft MCAS and Zscaler
Maximize your cloud app control with Microsoft MCAS and ZscalerMaximize your cloud app control with Microsoft MCAS and Zscaler
Maximize your cloud app control with Microsoft MCAS and ZscalerAnkit Dua
 
Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview Chris Genazzio
 

Semelhante a Xylos Clients Day - Public cloud and security go hand in hand, if you approach it properly! (20)

Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security Get ahead of cybersecurity with MS Enterprise Mobility + Security
Get ahead of cybersecurity with MS Enterprise Mobility + Security
 
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + SecurityGet Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
Get Ahead of Cyber Attacks with Microsoft Enterprise Mobility + Security
 
Practical Security for the Cloud
Practical Security for the CloudPractical Security for the Cloud
Practical Security for the Cloud
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A Service
 
Techorama - Shadow IT with Cloud Apps
Techorama - Shadow IT with Cloud AppsTechorama - Shadow IT with Cloud Apps
Techorama - Shadow IT with Cloud Apps
 
Mobile Security for the Enterprise
Mobile Security for the EnterpriseMobile Security for the Enterprise
Mobile Security for the Enterprise
 
Identity-Driven Security with Forsyte I.T. Solutions - Demos and Discovery
Identity-Driven Security with Forsyte I.T. Solutions - Demos and DiscoveryIdentity-Driven Security with Forsyte I.T. Solutions - Demos and Discovery
Identity-Driven Security with Forsyte I.T. Solutions - Demos and Discovery
 
Microsoft Cloud Application Security Overview
Microsoft Cloud Application Security Overview Microsoft Cloud Application Security Overview
Microsoft Cloud Application Security Overview
 
Securing your Organization with Microsoft 365
Securing your Organization with Microsoft 365Securing your Organization with Microsoft 365
Securing your Organization with Microsoft 365
 
Power Saturday 2019 E1 - Office 365 security
Power Saturday 2019 E1 - Office 365 securityPower Saturday 2019 E1 - Office 365 security
Power Saturday 2019 E1 - Office 365 security
 
Microsoft Enterprise Mobility and Security EMS
Microsoft Enterprise Mobility and Security EMSMicrosoft Enterprise Mobility and Security EMS
Microsoft Enterprise Mobility and Security EMS
 
The 15 best cloud security practices
The 15 best cloud security practices The 15 best cloud security practices
The 15 best cloud security practices
 
Cloud App Security Customer Presentation.pdf
Cloud App Security Customer Presentation.pdfCloud App Security Customer Presentation.pdf
Cloud App Security Customer Presentation.pdf
 
B2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam LevithanB2 - The History of Content Security: Part 2 - Adam Levithan
B2 - The History of Content Security: Part 2 - Adam Levithan
 
Steven Porter Seville | Ideas about Computer clouding
Steven Porter Seville | Ideas about Computer cloudingSteven Porter Seville | Ideas about Computer clouding
Steven Porter Seville | Ideas about Computer clouding
 
Softchoice & Microsoft: Public Cloud Security Webinar
Softchoice & Microsoft: Public Cloud Security WebinarSoftchoice & Microsoft: Public Cloud Security Webinar
Softchoice & Microsoft: Public Cloud Security Webinar
 
Maximize your cloud app control with Microsoft MCAS and Zscaler
Maximize your cloud app control with Microsoft MCAS and ZscalerMaximize your cloud app control with Microsoft MCAS and Zscaler
Maximize your cloud app control with Microsoft MCAS and Zscaler
 
Maximize your cloud app control with Microsoft MCAS and Zscaler
Maximize your cloud app control with Microsoft MCAS and ZscalerMaximize your cloud app control with Microsoft MCAS and Zscaler
Maximize your cloud app control with Microsoft MCAS and Zscaler
 
Gestión de identidad
Gestión de identidadGestión de identidad
Gestión de identidad
 
Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview
 

Mais de Karim Vaes

A Deepdive into Azure Networking
A Deepdive into Azure NetworkingA Deepdive into Azure Networking
A Deepdive into Azure NetworkingKarim Vaes
 
Resiliency Patterns on Azure
Resiliency Patterns on AzureResiliency Patterns on Azure
Resiliency Patterns on AzureKarim Vaes
 
ExpertsLive NL 2018 - A deepdive into Azure Networking
ExpertsLive NL 2018 - A deepdive into Azure NetworkingExpertsLive NL 2018 - A deepdive into Azure Networking
ExpertsLive NL 2018 - A deepdive into Azure NetworkingKarim Vaes
 
Global Azure Bootcamp 2018 - Oh no my organization went Azure
Global Azure Bootcamp 2018 - Oh no my organization went AzureGlobal Azure Bootcamp 2018 - Oh no my organization went Azure
Global Azure Bootcamp 2018 - Oh no my organization went AzureKarim Vaes
 
Global Azure Bootcamp 2017 - Why I love S2D for MSSQL on Azure
Global Azure Bootcamp 2017 - Why I love S2D for MSSQL on AzureGlobal Azure Bootcamp 2017 - Why I love S2D for MSSQL on Azure
Global Azure Bootcamp 2017 - Why I love S2D for MSSQL on AzureKarim Vaes
 
Global Azure Bootcamp 2017 - How to build a twitter bot in 15 minutes
Global Azure Bootcamp 2017 - How to build a twitter bot in 15 minutesGlobal Azure Bootcamp 2017 - How to build a twitter bot in 15 minutes
Global Azure Bootcamp 2017 - How to build a twitter bot in 15 minutesKarim Vaes
 
Experts live2016 - Karim Vaes - end-to-end automation
Experts live2016 - Karim Vaes - end-to-end automationExperts live2016 - Karim Vaes - end-to-end automation
Experts live2016 - Karim Vaes - end-to-end automationKarim Vaes
 
Azure Bootcamp 2016 - Docker Orchestration on Azure with Rancher
Azure Bootcamp 2016 - Docker Orchestration on Azure with RancherAzure Bootcamp 2016 - Docker Orchestration on Azure with Rancher
Azure Bootcamp 2016 - Docker Orchestration on Azure with RancherKarim Vaes
 
The IT Crowd stance on writing advice documents
The IT Crowd stance on writing advice documentsThe IT Crowd stance on writing advice documents
The IT Crowd stance on writing advice documentsKarim Vaes
 
Four Simple Rules for an Effective Meeting Rules (kvaes.be)
Four Simple Rules for an Effective Meeting Rules (kvaes.be)Four Simple Rules for an Effective Meeting Rules (kvaes.be)
Four Simple Rules for an Effective Meeting Rules (kvaes.be)Karim Vaes
 

Mais de Karim Vaes (10)

A Deepdive into Azure Networking
A Deepdive into Azure NetworkingA Deepdive into Azure Networking
A Deepdive into Azure Networking
 
Resiliency Patterns on Azure
Resiliency Patterns on AzureResiliency Patterns on Azure
Resiliency Patterns on Azure
 
ExpertsLive NL 2018 - A deepdive into Azure Networking
ExpertsLive NL 2018 - A deepdive into Azure NetworkingExpertsLive NL 2018 - A deepdive into Azure Networking
ExpertsLive NL 2018 - A deepdive into Azure Networking
 
Global Azure Bootcamp 2018 - Oh no my organization went Azure
Global Azure Bootcamp 2018 - Oh no my organization went AzureGlobal Azure Bootcamp 2018 - Oh no my organization went Azure
Global Azure Bootcamp 2018 - Oh no my organization went Azure
 
Global Azure Bootcamp 2017 - Why I love S2D for MSSQL on Azure
Global Azure Bootcamp 2017 - Why I love S2D for MSSQL on AzureGlobal Azure Bootcamp 2017 - Why I love S2D for MSSQL on Azure
Global Azure Bootcamp 2017 - Why I love S2D for MSSQL on Azure
 
Global Azure Bootcamp 2017 - How to build a twitter bot in 15 minutes
Global Azure Bootcamp 2017 - How to build a twitter bot in 15 minutesGlobal Azure Bootcamp 2017 - How to build a twitter bot in 15 minutes
Global Azure Bootcamp 2017 - How to build a twitter bot in 15 minutes
 
Experts live2016 - Karim Vaes - end-to-end automation
Experts live2016 - Karim Vaes - end-to-end automationExperts live2016 - Karim Vaes - end-to-end automation
Experts live2016 - Karim Vaes - end-to-end automation
 
Azure Bootcamp 2016 - Docker Orchestration on Azure with Rancher
Azure Bootcamp 2016 - Docker Orchestration on Azure with RancherAzure Bootcamp 2016 - Docker Orchestration on Azure with Rancher
Azure Bootcamp 2016 - Docker Orchestration on Azure with Rancher
 
The IT Crowd stance on writing advice documents
The IT Crowd stance on writing advice documentsThe IT Crowd stance on writing advice documents
The IT Crowd stance on writing advice documents
 
Four Simple Rules for an Effective Meeting Rules (kvaes.be)
Four Simple Rules for an Effective Meeting Rules (kvaes.be)Four Simple Rules for an Effective Meeting Rules (kvaes.be)
Four Simple Rules for an Effective Meeting Rules (kvaes.be)
 

Último

pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfpdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfJOHNBEBONYAP1
 
Wadgaon Sheri $ Call Girls Pune 10k @ I'm VIP Independent Escorts Girls 80057...
Wadgaon Sheri $ Call Girls Pune 10k @ I'm VIP Independent Escorts Girls 80057...Wadgaon Sheri $ Call Girls Pune 10k @ I'm VIP Independent Escorts Girls 80057...
Wadgaon Sheri $ Call Girls Pune 10k @ I'm VIP Independent Escorts Girls 80057...SUHANI PANDEY
 
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...SUHANI PANDEY
 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtrahman018755
 
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)Delhi Call girls
 
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLLucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLimonikaupta
 
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...SUHANI PANDEY
 
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdfMatthew Sinclair
 
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls DubaiDubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubaikojalkojal131
 
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...SUHANI PANDEY
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge GraphsEleniIlkou
 
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...roncy bisnoi
 
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...nirzagarg
 
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445ruhi
 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableSeo
 
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort ServiceBusty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort ServiceDelhi Call girls
 
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...SUHANI PANDEY
 
💚😋 Salem Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Salem Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋💚😋 Salem Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Salem Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋nirzagarg
 

Último (20)

Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort ServiceCall Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
Call Girls in Prashant Vihar, Delhi 💯 Call Us 🔝9953056974 🔝 Escort Service
 
Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵
Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵
Low Sexy Call Girls In Mohali 9053900678 🥵Have Save And Good Place 🥵
 
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdfpdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
pdfcoffee.com_business-ethics-q3m7-pdf-free.pdf
 
Wadgaon Sheri $ Call Girls Pune 10k @ I'm VIP Independent Escorts Girls 80057...
Wadgaon Sheri $ Call Girls Pune 10k @ I'm VIP Independent Escorts Girls 80057...Wadgaon Sheri $ Call Girls Pune 10k @ I'm VIP Independent Escorts Girls 80057...
Wadgaon Sheri $ Call Girls Pune 10k @ I'm VIP Independent Escorts Girls 80057...
 
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
VIP Model Call Girls NIBM ( Pune ) Call ON 8005736733 Starting From 5K to 25K...
 
Real Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirtReal Men Wear Diapers T Shirts sweatshirt
Real Men Wear Diapers T Shirts sweatshirt
 
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
WhatsApp 📞 8448380779 ✅Call Girls In Mamura Sector 66 ( Noida)
 
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRLLucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
Lucknow ❤CALL GIRL 88759*99948 ❤CALL GIRLS IN Lucknow ESCORT SERVICE❤CALL GIRL
 
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
Sarola * Female Escorts Service in Pune | 8005736733 Independent Escorts & Da...
 
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
 
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls DubaiDubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
Dubai=Desi Dubai Call Girls O525547819 Outdoor Call Girls Dubai
 
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
Wagholi & High Class Call Girls Pune Neha 8005736733 | 100% Gennuine High Cla...
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
 
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
Call Girls Sangvi Call Me 7737669865 Budget Friendly No Advance BookingCall G...
 
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
➥🔝 7737669865 🔝▻ mehsana Call-girls in Women Seeking Men 🔝mehsana🔝 Escorts...
 
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
All Time Service Available Call Girls Mg Road 👌 ⏭️ 6378878445
 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
 
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort ServiceBusty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
Busty Desi⚡Call Girls in Vasundhara Ghaziabad >༒8448380779 Escort Service
 
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
Russian Call Girls Pune (Adult Only) 8005736733 Escort Service 24x7 Cash Pay...
 
💚😋 Salem Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Salem Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋💚😋 Salem Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
💚😋 Salem Escort Service Call Girls, 9352852248 ₹5000 To 25K With AC💚😋
 

Xylos Clients Day - Public cloud and security go hand in hand, if you approach it properly!

  • 1.
  • 3. Whoami || $env:username Cloud Solution Architect https://about.kvaes.be @kvaes https://blog.kvaes.be
  • 4. Agenda Setting the scene Security Basics Focus on People & Security Cloud Access Security Broker (demo) Recap
  • 5. Cybersecurity used to mean building a bigger moat and a bigger wall Source : http://www.boomsbeat.com/articles/2824/20140416/an-interesting-look-at-the-ancient-city-walls-of-dubrovnik-photos.htm
  • 6. So we built a secure perimeter within a secure perimeterSource : http://files.terramartour.com/010_PAIS_FOTO/07_FRANCE/Carcassonne/
  • 8. Assume breach! Source : http://www.matthewpemmott.co.uk/2013/05/scarborough-castle-king-johns-curtain.html
  • 11. Secured Pizza Data Classification & Accountability Client & End-Point Protection Identity & Access Management Application Level Controls Network Controls Host Infrastructure Physical Security
  • 12. What does EU GDPR mean in less than one minute? though penalties : fines up to of annual global revenue whichever is greater! 4% or €20 million The regulation also applies to non-EU companies that process personal data of individuals in the EU. The European “General Data Protection Regulation” will increase privacy for individuals and give regulatory authorities greater powers to take action against businesses that breach the new laws. Here is what it means to your business : Privacy first or face
  • 13. 4% fine $187.215.200 = Security is NOT optional (anymore)!
  • 15. In the end, it’s about people... ?
  • 16. Xylos Security Approach IT ENVIRONMENT !
  • 17. Is the practice of shadow IT bad? IT says YES! Business says NO!
  • 18. Looks kinda like? • User chooses apps (unsanctioned, shadow IT) • User can access resources from anywhere • Data is shared by user and cloud apps • IT has limited visibility and protection • Only sanctioned apps are installed • Resources accessed via managed devices/networks • IT had layers of defense protecting internal apps • IT has a known security perimeter On-premises Storage, corp data Users
  • 19. No easy puzzle… Data Protection How do I know what apps are used in my environment? Shadow IT How do I ensure appropriate access to my cloud apps? Access control Visibility/reporting How do I gain visibility into cloud apps and usage? How do I prevent data leakage? Data protection Threat prevention How do I know if my users have been breached? How do I address regulatory mandates? Compliance
  • 20. The DNA of the IT landscape Employees Business partners Customers Apps DevicesGreat People Data
  • 21.
  • 22. How to protect my organization? Identity and access management Mobile device and app management Information protection User and entity behavioral analytics Cloud Access Security Broker Bring enterprise-grade visibility, control, and protection to your cloud applications.
  • 23. Identity & Access Management One Person = Single Identity For one million+ applications Source : Forbes top cloud applications
  • 24. Identity & Access Management Windows 10 Configuration Purpose Ownership Windows Devices PC/Tablets/Mobile/etc. Personal Fun MSA Sign-in Fun + some work (BYOD) Add a Work Account Organizational Work Domain Join Azure AD Join karim.vaes@xylos.com Organizational Account karim@kvaes.be Microsoft Account XYLOSkarimvaes Domain Account karim.vaes@xylos.com Organizational Account One Person = Single Identity
  • 25. Persistent protection Storage independent solution Permit all companies to authenticate Authorization policies are enforced Powerful logging for reporting End user use/abuse tracking Ability to remote kill documents Enable IT to reason over data Tracking and compliance Works across all platforms Free content consumption Consistent user experience Integrated into common apps/services Ease of use Information Protection <you> need to share <file types> between yourself and partners, suppliers, dealers, representatives, etc.
  • 26. aEZQAR]ibr{qU @M]BXNoHp9nMD AtnBfrfC;jx+T g@XL2,Jzu ()&(*7812(*: Use Rights + Secret cola formula Water Sugar Brown #16 Protect Unprotect Usage rights and symmetric key stored in file as ‘license’ Each file is protected by a unique AES symmetric License protected by customer-owned RSA key Water Sugar Brown #16 Information Protection
  • 27. Cloud Access Security Broker Discovery Gain complete visibility and context for cloud usage and shadow IT—no agents required Data control Shape your cloud environment with granular controls and policy setting for access, data sharing, and DLP Threat protection Identify high-risk usage and security incidents, detect abnormal user behavior, and prevent threats
  • 28. Cloud Access Security Broker Discovery • Use traffic logs to discover and analyze which cloud apps are in use • Manually or automatically upload log files for analysis from your firewalls and proxies Sanctioning and un-sanctioning • Sanction or block apps in your organization using the cloud app catalog App connectors • Leverage APIs provided by various cloud app providers • Connect an app and extend protection by authorizing access to the app. Cloud App Security queries the app for activity logs and scans data, accounts, and cloud content App connectors Cloud discovery Protected Cloud apps Cloud traffic Cloud traffic logs Firewalls Proxies Your organization from any location API Cloud App Security
  • 29. Mobile device & Application Mgmt Information Protection Protect your users, devices, and apps Detect problems early with visibility and threat analytics Protect your data, everywhere Extend enterprise-grade security to your cloud and SaaS apps Manage identity with hybrid integration to protect application access from identity attacks User & Behaviour Analytics Cloud Access Security Broker Identity & Access Management What does this tie together?
  • 31. • Discover 13,000+ cloud apps in use—no agents required • Identify all users, IP addresses, top apps, top users Shadow IT discovery Risk scoring • Get an automated risk score driven by 60+ parameters • See each app’s risk assessment based on its security mechanisms and compliance regulations • Ongoing risk detection, powerful reporting, and analytics on users, usage patterns, upload/download traffic, and transactions • Ongoing anomaly detection for discovered apps Ongoing analytics Discovery
  • 32. DLP and data sharingPolicy definition • Set granular-control security policies for your approved apps • Use out-of-the-box policies or customize your own • Prevent data loss both inline and at rest • Govern data in the cloud, such as files stored in cloud drives, attachments, or within cloud apps • Use pre-defined templates or extend existing DLP policies Policy enforcement • Identify policy violations, investigate on a user, file, activity level • Enforce actions such as quarantine and permissions removal • Block sensitive transactions, limit sessions for unmanaged devices Data Control
  • 33. • Identify anomalies in your cloud environment which may be indicative of a breach • Leverage behavioral analytics (each user’s interaction with SaaS apps) to assess risk in each transaction Behavioral analytics Attack detection • Identify and stop known attack pattern activities originating from risky sources with threat prevention enhanced with vast Microsoft threat intelligence • Coming soon: send any file through real- time behavioral malware analysis Threat Prevention
  • 35.
  • 36.
  • 37.
  • 38.
  • 39.
  • 40.
  • 41.
  • 42.
  • 43.
  • 44.
  • 45.
  • 46.
  • 47.
  • 48.
  • 49.
  • 50.
  • 51.
  • 52.
  • 53.
  • 54.
  • 55.
  • 56.
  • 57.
  • 58.
  • 59.
  • 60.
  • 61.
  • 62.
  • 63.
  • 64.
  • 65.
  • 66.
  • 67.
  • 68.
  • 69.
  • 70.
  • 71.
  • 72.
  • 73.
  • 74.
  • 75.
  • 76.
  • 78.
  • 79. Source : http://imgur.com/gallery/DRMZasu Your organization is not an island!
  • 80. Shared Risks Data Classification & Accountability Client & End-Point Protection Identity & Access Management Application Level Controls Network Controls Host Infrastructure Physical Security
  • 81. Xylos Security Approach IT ENVIRONMENT !

Notas do Editor

  1. Basic Pizza-as-a-Service talk Hybride Niet zwart / wit => depends on “mood” Chef @ home works too We doen al veel! Recap! Outcome Focus => Cloud is logical there Digital => Business focus, en breekt uit vanuit een niet traditionele hoek Hybride! => We doen al veel
  2. Basic Pizza-as-a-Service talk Hybride Niet zwart / wit => depends on “mood” Chef @ home works too We doen al veel! Recap! Outcome Focus => Cloud is logical there Digital => Business focus, en breekt uit vanuit een niet traditionele hoek Hybride! => We doen al veel
  3. People – identity, device, apps, data MSFT Field - Please view associated material at: http://infopedia/SMSG/Pages/EnterpriseSecurity.aspx
  4. The following firewalls and proxies are supported: Blue Coat, Cisco (Cisco ASA - Virtual Context, Cisco ScanSafe, Cisco IronPort WSA), Zscaler, Fortigate, Palo Alto, McAfee Secure Web Gateway, Check Point (Check Point, Check Point OPSEC LEA), Squid (Common), Juniper SRX, Sophos SG, Microsoft Forefront Threat Management Gateway, Websense.
  5. With more than 80 percent of employees admitting to using non-approved SaaS apps for their jobs, how can you maintain visibility, control, and protection of your cloud apps? With this fast transition to cloud apps, we know you may be concerned about storing corporate data in the cloud and how to make it accessible to users anywhere without comprehensive visibility, auditing, or controls. Legacy security solutions are not designed to protect data in SaaS applications. Traditional network security solutions, such as firewalls and IPS, don’t offer visibility into the transactions that are unique to each application and traffic off-premises, including how data is being used and stored. Classic controls fail to provide protection for cloud apps as they monitor only a small subset of cloud traffic and have limited understanding of app-level activities. We have your solution: Microsoft Cloud App Security Why Cloud App Security? Shadow IT discovery – no agents required Enchanced threat protection with Microsoft intelligent security graphs Granular controls of your sanctioned apps Builds on broader Microsoft platforms It’s enterprise grade and easy to use It’s deep intergration with Office CLICK STEP(S). Click anywhere on the slide to begin
  6. Here you are presented the Microsoft Cloud App Security console. You have four key menus to choose from: “Discover”, “Investigate”, “Control” and “Alerts” These menus provide you a wide set of capabilities including visibility, comprehensive data controls and threat prevention for your cloud apps. Let’s go ahead and start with the discovery dashboard. CLICK STEP(S) Click the Discover menu.
  7. CLICK STEP(S) Click on Cloud Discovery dashboard.
  8. The Discovery dashboard provides an overview of cloud apps used in your organization with details. CLICK STEP(S) On the right, click on the scroll bar to scroll down.
  9. It also identifies all users and IP addresses accessing the application while also conducting risk assessment and automated risk score for each app. Point Out: Top Users/Top IP Addresses Tile Your users do not need to deploy any additional agents on their devices for Cloud App Security to provide this analysis because we collect information from the firewalls and proxies. CLICK STEP(S) On the right, click on the scroll bar to scroll up.
  10. The dashboard provides an overall understanding of your organization’s cloud app usage. However, to get more detailed information about the apps being used, let’s navigate to Discovered apps. CLICK STEP(S) On the Cloud Discovery navigation bar, click on Discovered apps
  11. Here you see all of the discovered apps in the organization, including a lot of additional data, such as amount of users using the app, the amount of IPs the app is being accessed from or the total number of transactions to name a few. CLICK STEP(S) On the right, click the scroll bar to scroll down.
  12. You also can easily filter based on the name, activity time frame or the risk score associated with the application. Let’s filter for collaboration apps. CLICK STEP(S) On the left, click Collaboration.
  13. You can also have the ability to drill down on a specific app. Let’s review Office 365. CLICK STEP(S) Under the Score column, click on 10 for Office 365.
  14. Cloud App Security not only discovers more than 13,000 cloud applications in use but it also provides an automated risk score by evaluating each discovered service against more than 60 parameters. CLICK STEP(S) On the right, click the scroll bar to scroll down
  15. Here you can see all of the different parameters used for the risk evaluation. Let’s look at an example of a parameter breakdown. CLICK STEP(S) On the bottom right of the slide, click on HTTP security headers.
  16. You can dive into more details for a specific parameter to get a breakdown on the score. You can see the weight of this parameter in this category and which factors are considered for risk assessment. You can interact with this risk assessment by reporting new data or requesting a score update. CLICK STEP(S) On the right, click the scroll bar to scroll up.
  17. CLICK STEP(S) Under the Name column, click on Office 365 to navigate to charts.
  18. Discovering which apps are in use across your organization is just the first step in making sure your sensitive corporate data is protected. CLICK STEP(S) On the right, click on the scroll bar to scroll down.
  19. You also have access to powerful reporting and analytics capabilities for you to gain the complete context of your cloud usage: such as usage patterns, upload/download traffic and top users. Next, let’s see how you can investigate and gain detailed visibility on a file level. To do this we will navigate to the Investigate menu. CLICK STEP(S) On the top navigation bar, click on Investigate to expand the drop down menu.
  20. CLICK STEP(S) Click Files.
  21. The Investigate menu provides you with deep visibility into all activities, files and accounts. Here you can see all files in your cloud environment with an easy and powerful query engine. Let’s set the Access level filter to sort for all public files. CLICK STEP(S) In the middle of the filtering bar, click on the Access Level drop down menu to expand.
  22. CLICK STEP(S) Click Public.
  23. Security vulnerabilities or data leakage are always a concern and it is very easy for an employee to accidentally make a file link public. No one has the time to go through all publically shared files to ensure no sensitive customer or company data has been leaked. However, this can be done easily by navigating to the policies page, where you have the option of creating new policies or monitoring current existing policies for violations. CLICK STEP(S) On the top navigation bar, click on the Control menu to expand.
  24. CLICK STEP(S) Click Policies.
  25. Here you are presented all of the active policies which are monitoring all apps used in your organization. Within the Policy page, we will review 2 different scenarios: Walkthrough the creation of a new policy using a template File level investigation: Authorizing a legitimate file How to take action against suspicious/unauthorized file activity. For the 1st scenario, you will see how simple and straight forward it is to create a new policy. CLICK STEP(S) Click Create Policy.
  26. Cloud App Security provides you a variety of different types of policy types to choose from. Each possessing their own policy specific templates but still allowing you the ability to customize it to your need(s). For today, let’s just focus on a new App Discovery policy. CLICK STEP(S) Click App Discovery Policy.
  27. When creating a new policy, you have the option of using “out of the box” templates or customizing your own policy. Today, we will be using an “out of the box” template. CLICK STEP(S) Click the Policy Template drop down menu.
  28. To reiterate, the primary reason behind the creation of this policy is to target possible “risky” apps. So let’s select the “New Risky App” template. CLICK STEP(S) Click New Risky App.
  29. CLICK STEP(S) Click Apply Template.
  30. Now that the template has been applied, let’s review the policy. Point Out: Policy Description statement and review the criteria described that will generate an alert. CLICK STEP(S) Click scroll bar to scroll down.
  31. Even though an “out of the box” template has been used, you still have the ability to alter any of the values to fit your requirements. Point Out: Create a filter section and note the risk scores being targeted Point out: Trigger a policy match section, showing another set of criteria that will trigger an alert. Now moving onto the 2nd scenario, file level investigation. CLICK STEP(S) Click Cancel.  
  32. For the 2 file investigation sub scenarios you will refer to the PCI compliance policy which identifies sensitive, publicly shared files containing customer credit card numbers. As you can see, the PCI policy is currently detecting 2 files in violation of it’s policy. Point Out: 2 matches on the PCI Compliance policy line. Let’s investigate these violations. CLICK STEP(S) Click on the PCI COMPLIANCE policy.
  33. For the 1st file level investigation scenario, you will see how you can authorize legitimate activity using the Test_file_for_DLP_test.docx. CLICK STEP(S) Click on the Payment schedule and details.xlsx file to minimize.
  34. CLICK STEP(S) Click on the Test_file_for_DLP_test.docx file.
  35. To further investigate, you want to view the hierarchy, which you know shows where this file resides. CLICK STEP(S) Under the File Name, click View Hierarchy.
  36. Viewing the hierarchy, you can now determine that this is a test file as the file is located in a folder labelled “Test Files”. CLICK STEP(S) Click Done to exit.
  37. Since this file is a legitimate test file, you can now proceed to authorize this file. CLICK STEP(S) To the left of the more information icon, click the check mark to authorize this file.
  38. Moving onto the 2nd file level investigation scenario, you will see how Cloud App Security allows you to react and take action against suspicious activity and/or violations. The document that will be used for this scenario is the Payment schedule and details.xlsx spreadsheet. Let’s click on the spreadsheet to expand the file details. CLICK STEP(S) Click on Payment schedule and details.xlsx.
  39. Within the file details, you can see the owner of the file, all the collaborators, when it was created and when it was modified. By looking at the URL, you can see that the files is shared publicly to everyone via SharePoint. Point Out: Shared with everyone section of the URL https://contoso3-my.sharepoint.com/personal/nirg_contoso_com/Documents /Shared with Everyone/Tiderc.txt You can also see that this file contains an Azure Information Protection classification label, specifically the Secret: Finance Only label. Point Out: File Tag: Secret (external), Finance Only (external) To further investigate, let’s see where this file resides, by viewing the file’s hierarchy. CLICK STEP(S) Under the File Name, click View Hierarchy.
  40. You can see that this file is located under one of our customer information folders and should not be shared publicly. CLICK STEP(S) On the far right side, click on the more information icon (3 vertically stacked dots) for the Payment schedule and details.xlsx file.
  41. You can now make an accurate assessment with the given evidence and take action, by either “put in user quarantine” or “make the link private”. CLICK STEP(S) Click Done to exit Hierarchy window.
  42. Deeper visibility and stronger controls are key components of providing enterprise grade security for your applications, but you don’t stop there. Cloud App Security not only provides you discovery and data control features but also a powerful threat detection engine. Let’s see how Cloud App Security helps you detect anomalies and prevent threats. For this let’s navigate to the Alerts menu. CLICK STEP(S) On the top navigation bar, click on Alerts.
  43. The alerts center will generate an alert if any active policies are violated. Let’s investigate a General Anomaly Detection alert. CLICK STEP(S) Click on the 3rd alert, General Anomaly Detection (ricky@contoso.com).
  44. Cloud App Security advanced machine learning heuristics learns how each user interacts with each SaaS app and through behavioral analysis, assesses the risk in each transaction. Here you can see a user who is an administrator performing suspicious activities such as logging in from a new anonymous location and two countries simultaneously within an hour with several failed login attempts. Point Out: ricky@contoso.com is an administrator CLICK STEP(S) On the right, click on the scroll bar to scroll down.
  45. Using the Activity Log, you are presented each action performed by the suspected user. Through this alert, you are also provided the option of remediating the threat or adjusting the policy as needed. Closing remarks: Through Microsoft Cloud App Security, you will have deeper visibility, comprehensive controls, and improved protection for your cloud applications. Cloud App Security is designed to help you extend the visibility, auditing, and control you have on-premises to your cloud applications.
  46. People – identity, device, apps, data MSFT Field - Please view associated material at: http://infopedia/SMSG/Pages/EnterpriseSecurity.aspx