Transcript Document

Threat Landscape: Shadow IT
Stronger Security Posture
Through Secure Application Use
July 17, 2015
Agenda
The Rise of Cloud Applications in the Enterprise
Shadow IT: Reality and Pervasiveness
Impact on Security Posture
Building a Risk-Averse Cloud Environment
VPN
VPN
VPN
VPN
Internet
VPN
Remote User
Wi-Fi Hotspot
FIREWALL
What are the most popular apps?
49%
46%
45%
40%
Microsoft
Office 365
4
LinkedIn
Facebook
Google
Apps
July 17, 2015
36%
Drop Box
35%
Gmail
35%
Google
Drive
SaaS Use Case: External Collaboration
Project Manager
5
Third Party Vendor
July 17, 2015
SaaS Use Case: Email Attachment Size
Project Manager
Third Party Vendor
Coworker
6
July 17, 2015
Agenda
The Rise of Cloud Applications in the Enterprise
Shadow IT: Reality and Pervasiveness
Impact on Security Posture
Building a Risk-Averse Cloud Environment
Frost & Sullivan:
The Hidden Truth Behind Shadow IT
Frost & Sullivan:
The Hidden Truth Behind Shadow IT
Frost & Sullivan:
The Hidden Truth Behind Shadow IT
Who is really behind Shadow IT?
Number of Non-IT approved Saas Apps Used by You Personally
IT
17%
65%
17%
2%
LOB
19%
76%
4%
1%
NONE
1–5
6–10
11–19
SaaS
Applications
Installed
83% IT USERS
LEVERAGE SHADOW IT
VS
.
81% OF NON-IT
LEVERAGE SHADOW IT
Apps in the Shadows
Top Applications Used without IT Approval or Policy Applied
Microsoft Office 365
Zoho
LinkedIn
Facebook
Google Apps
Google Drive
Gmail
Drop Box
Apple iCloud
Wordpress
Google+
Youtube
Agenda
The Rise of Cloud Applications in the Enterprise
Shadow IT: Reality and Pervasiveness
Impact on Security Posture
Building a Risk-Averse Cloud Environment
Gartner Report
Heightened Security Risks
Unauthorized Access to
Sensitive Corporate Data
Data Loss
(Accidental or
Intentional)
RISKS
Compromised
Account Information
17
Negative Impact on
Corporate Reputation
from a Breach
Malware Infiltration to
Corporate Network
July 17, 2015
Frost & Sullivan:
The Hidden Truth Behind Shadow IT
What are the most incident-prone apps?
35%
25% 24% 24%
23% 21%
Facebook
19
Twitter
You
Tube
LinkedIn
Google+
Skype
July 17, 2015
18% 18% 17% 17%
Apple
iCloud
Gmail
Microsoft
Skydrive
Google
Apps
Security Impact: Google Apps
24%
29%
25%
Account
Information
Compromised
21%
Negative
Impact
on Corporate
Reputation
Sensitive
Data Leaked
Outside of the
Organization
Corporate
or Personal
Data Stolen
Infected
with
Malware
20
Unauthorized
Access by a
Malicious Actor
24%
27%
Security Impact: Microsoft Skydrive
28%
38%
Unauthorized
Access to
Encrypted Data
21
Infected with
Malware
28%
25%
Sensitive Data
Leaked Outside
of the
Organization
Unauthorized
Access by
Malicious
Actor
Account
Information
Compromised
22%
Corporate or
Personal Data
Stolen
24%
Security Impact: Dropbox
19%
17%
Sensitive
Data Leaked
Outside of the
Organization
24%
Infected
with
Malware
Unauthorized
Access by
Malicious
Actor
Unauthorized
Access to
Encrypted Data
19%
Account
Information
Compromised
17%
22
Corporate or
Personal Data
Stolen
19%
Security Impact: Facebook
25%
Account
Information
compromised
16%
Negative Impact
on Corporate
Reputation
Unauthorized
Access by
Malicious Actor
19%
Sensitive
Data Leaked
Outside of the
Organization
Infected
with
Malware
23%
23
Corporate or
Personal Data
Stolen
25%
28%
Agenda
The Rise of Cloud Applications in the Enterprise
Shadow IT: Reality and Pervasiveness
Impact on Security Posture
Building a Risk-Averse Cloud Environment
What can be done?
DO NOTHING?
CLAMP DOWN.
TAKE ACTION!
Security Connected Approach
WEB, EMAIL,
IDENTITY
Web Protection
Identity and Authentication
Email Protection
Data Loss Prevention
COMPREHENSIVE
MALWARE
PROTECTION
Advanced Threat Defense
REAL TIME
SITUATIONAL
AWARENESS
Real Time Visibility
CLOUD
On-Premises
Web & Email Protection
Vulnerability Management
Virtual
Hybrid
PROTECT YOUR ORGANIZATION
26
Recommendation #1
Enable the applications
you want
Control what
information is shared
Apply policy based on
specific application,
user, group, risk
ENFORCE APPLICATION CONTROLS
Recommendation #2
DLP:
CREDIT CARDS
TRIGGER
ENCRYPTION
SAFEGUARD DATA
28
Recommendation #3
Single
Sign On
Account
Provisioning
Strong Auth
Laptop
Internal User
Mobile
ENABLE SECURE ACCESS
29
Aggressive, Multi-Layered Protection
Focus on identifying and blocking malware
Web
Protection
Engine
Geolocation (GTI)
URL Filtering (GTI)
Web Categorization (GTI)
File Reputation (GTI)
Media/File Analysis
SSL Scanning
Signature-based Anti-Malware
Proactive Anti-Malware
30
Next Steps
STEP ONE
STEP THREE
Run Web Gateway
Proof of Concept
Communicate
Results.
Take Action!
STEP TWO: REVIEW RESULTS
APPLICATION NAME
SUM OF HITS
BitTorrent Variants
22640
Google Analytics
1183
Hotmail
766
Facebook
754
Other
TOTAL
4093
29463
CATEGORYNAME
# of Detailed
Web Access
Payment Card
Industry – Credit Card Number
Violations
35
DLP: User-Defined Dictionary
23
SOX Compliance – Merger and
Acquisition
1
TOTAL
59
MALWARE NAME
SUM OF HITS
McAfeeGW: Heuristic.BehavesLike.JS.Infected.A
38
GoMcAfeeGW: Heuristic.BehavesLike.JS.Unwanted
19
McAfeeGW: Heuristic.BehavesLike.Win32.SuspiciousBAY.G
11
McAfeeGW: Heuristic.BehavesLike.Win32.Suspicious-BAY.K
7
Other
12
TOTAL
87
Additional Solutions: Email Protection
Scan email links
as they are clicked
Prevent phishing attacks
targeting popular brands
Protect your network
against data exfiltration
STOP PHISHING ATTACKS
33
Additional Solutions: Vulnerability Manager
Scan Web Applications
for vulnerabilities
Understand what sensitive
data is being used
Stay up to date as new
applications are deployed
Evaluate risk and
take action
CLOSE DANGEROUS VULNERABILITIES
34
Additional Solutions: Real Time Command
Discover additional
applications used on
employee systems
Assess risk level
Block and
delete in real time
MONITOR ON-PREMISES APPLICATIONS
35