Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLock

Google confidential | Do not distribute

Be A HeroCombat Cloud Security Threats with Google Apps Unlimited and Cloudlock

Hayley [email protected] Alliances

Mahshad [email protected] Solutions Engineer

mailto:[email protected]





What to expect?

1. New security threats in the cloud2. How Google Apps Unlimited + CloudLock can help save you

from these villiansa. Protect your usersb. Protect your sensitive datac. Protection against malwared. Gain visibility into user activities

2


What’s so scary?

According to the latest IBM X-Force Research report, the average consolidated total cost of a data breach is $3.8 million

3


What Can Go Wrong?

● Accidental publication● Configuration error● Hacked systems

● Phishing● Weak passwords● Poor device

security

● Low Visibility● Insider threat

Damage, Lawsuits & Fines

Lost IP, Business & Reputation Privacy Violations

4


Business (Public SaaS) People Custom Apps (PaaS & IaaS)

Legacy Security SolutionsON

- P

RE

MIS

EC

LO

UD

CyberSecurity Fabric

Messaging & Collaboration

Sales & marketing

HR & Skills

Finance

Sharepoint

Apps

App Server

Database

force.com

The Era of Full Cloud is upon us

5


Changing IT models requires a new security paradigm

APPS DATA USERS

NETWORK

NEW MODEL:People-Centric Security

IDENTITY CLOUD

DEVICE / NETWORK

OLD MODEL:Network-Based Security

ACCOUNTS

6

Google confidential | Do not distribute 7

World Class Data Centers

Global Private Network

Back End Security

Application Security

Google Apps Security

End User Security


Cyber Report: The 1% Who Can Do Damage

8


Gartner Report: Minding the SaaS Gaps

9


Cloud Access Security Broker (CASB) with CloudLock

force.com

What Shadow Apps are my users using?

What do users do in my Cloud Apps?

How do I identify compromised Accounts?

Are Shadow Apps connected to sanctioned Ones ?

Do I have sensitive /Toxic /regulated data in the cloud?

How do I encrypt/ Quarantine sensitive data in the cloud?

SaaS

force.com

PaaS and IaaS IDaaS

10

#

#

#

#

#


How can we help?

APPSACCOUNTS

DATA

+

Data BreachData Security/Compliance (Cloud DLP/Encryption)

Compromised AccountsThreat Protection (UEBA)

Cloud MalwareVisibility (Apps Firewall)

Data Loss PreventionDLP for email and Drive

User interaction audits and information DiscoveryDrive Audit logs, Vault

Fine-Grained Admin ControlsOU level Drive controls

11


Users

We do love our users, but 95% of security attacks involve human

error

12


Is phishing effective?*

3%

The most obvious phishing webpages

Trick users 3%

of the time

13%

Average phishing webpages

Trick users 13%

of the time

Trick users 45%

of the time

Hijackers move fast

20%

20% of accounts are accessed within

30 minutes of being phished

* Google study of manual hackers

The most believable phishing

webpages

45%

13


Two factor authentication (Security key management)

14


Visibility into user interactions (Drive Audit Logs)

15


Making Sense of your Global Cloud Activities

16


Example of why you need User Behavior Entity Analytics

North America

9:00 AM ET▪ Login to:

Africa

10:00 AM ET▪ Data export from:

● Distance from the US to the Central African Republic: 7,362 miles● At a speed of 800 mph, it would take 9.2 hours to travel between

them

17


eDiscovery and Archive (Vault)● Quick and easy legal discovery (email, Drive content)● Preserve company data (email and Documents retention policies and holds)● Export and Share results

18


Security at Application level


3rd Party Applications

20

Google confidential | Do not distribute 21

3rd Party Application CARI score and classification


Fine tuned admin controls: Drive Data Access at Org level

22


CloudLock is embedded within the UI of a SWG

Extensibility: Shadow IT Discovery Integration

23


Data Leak Prevention


Create trusted relationships between domains

25


Fine tuned admin controls: Managing Sharing by OU

26


Advanced Data Loss Prevention ● Predefined content detectors (Internationalized)● Optical Character Recognition (OCR)● Content thresholds settings (control # of false positives)

27

^4[0-9]{12}(?:[0-9]{3})?$


CloudLock Encryption Management for Google

File and Folder-Level Encryption

Protect your most sensitive content within Google Drive from unauthorized access

User and Policy-Driven

Enterprise-Owned Keys

On-Premises or In Cloud

Preserve real-time co-authoring

28


Where to get your cloud security superpowers?

APPSACCOUNTS

DATA

+

Protect your Company Data from being lost, stolen, and exposed

Protect against Cloud malware, phishing attacks, and other breaches

Protect your corporate accounts and safeguard your users

29


1. Contact your Google account manager

2. Contact [email protected] to learn more about

Cloudlock:

What now?

First 5 Attendees to contact Hayley will get a CloudLock Cyber Security Assessments for FREE !!!!!

30


Thank YouQuestions?

31

Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLock

Technology

Transcript of Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLock