Make Cloud the Most Secure Environment for Business. Seth Hammerman, Systems Engineer Mvision Cloud (formerly Skyhigh Networks)

Transcription:


The average organization now uses 1,935 cloud apps, an increase of 15% over last year
[Chart: enterprise cloud apps and consumer cloud apps per organization, 2013 to 2018]
Source: McAfee Cloud Adoption Report, Nov 2018

The average Financial Services organization uses 1,545 cloud apps
Source: Business @ Work Finance 2018, Okta

Most Cloud Apps are not Enterprise-ready
Source: McAfee Cloud Adoption Report, Nov 2018

Office365, Workday, AWS, Azure?

Most Organizations:
- 38 days to patch a vulnerability regardless of security level
- 34 days to patch most critical CVEs
Source: Tcell Report on Security Patching

Mature Cloud Providers:
- Weekly planned patching model
- Critical vulnerabilities patched in 24 hours
Source: Tcell Report on Security Patching

Through 2020, public cloud infrastructure-as-a-service (IaaS) workloads will suffer at least 60% fewer security incidents than those in traditional data centers
Source: Gartner

Microsoft's annual security budget: $1bn
Source: Microsoft

Through 2022, at least 95% of cloud security failures will be the customer's fault
Source: Gartner

Cloud security is a shared responsibility

Shared Responsibility Model for Cloud
Service models: IaaS, PaaS, SaaS
Layers: Data Classification & Accountability; Client & End-Point Protection; Identity & Access Management; Application Level Controls; Network Control; Host Infrastructure; Physical Security
Legend: Customer Responsibility, Shared Responsibility, Service Provider Responsibility

Shared Responsibility Model for SaaS
Layers: Data Classification & Accountability; Client & End-Point Protection; Identity & Access Management

Shared Responsibility Model for SaaS
Threats: Rogue Employee, Unmanaged devices, Compromised Accounts, Collaboration, Malware

87% of companies permit employees to use unmanaged devices to access business apps
Source: McAfee Cloud Adoption Report, Nov 2018

21% of cloud data is sensitive
Source: McAfee Cloud Adoption Report, Nov 2018

83% of organizations worldwide admit that they store sensitive data in the cloud
Source: McAfee Cloud Adoption Report, Nov 2018

48.3% of files in the cloud are shared

12% of shared files are accessible to anyone with a link
14% of files are shared with a personal email address
Source: McAfee Cloud Adoption Report, Nov 2018

Cloud is the new favorite target of threat actors
Source: McAfee Cloud Adoption Report, Nov 2018

81% of all hacking-related breaches leveraged either stolen and/or weak passwords
Source: Verizon Data Breach Investigation Report 2018

Of All Organizations, Every Month
- 94%: at least 1 insider threat
- 80%: at least 1 compromised account threat
- 92%: stolen cloud credentials on dark web
Source: Verizon Data Breach Investigation Report 2018

Persistent Login Attack
Brute Force Logins, Distant Cousin
Attack MO:
- Enumerate usernames (using first, middle and last names)
- 5-60 different username combinations attempted per user
- Number of attempts varies proportionally to the value of the user
- Attempt logins for each of the usernames
- Multiple IPs used, one attempt by one IP using one password
Threat Objectives:
- Assess the organization's O365 authentication framework (username validation, SSO, MFA etc.)
- Identify valid usernames, system accounts etc., and whether they federate to an SSO/MFA
- Compromise O365 accounts

KnockKnock Attack
Attack MO:
- Target system accounts that do not have MFA or federate to an SSO
- Target admins and accounts that have higher privileged access (non-federated auth accounts like *.onmicrosoft.com for O365)
Threat Objectives:
- Compromise high privilege system accounts
- Widen a breach using malware or phishing, leading to deep-set infiltration
Diagram labels: Rogue Machines, Originating Geos & Networks, Large Enterprises, Service Accounts
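A detection sketch for the Persistent Login Attack pattern on the slide above (many username spellings for one person, each source IP used once), added here as an example and not taken from the presentation. The event tuple layout, the surname list and the thresholds are assumptions; the sample events are constructed.

```python
import re
from collections import defaultdict

# Constructed sign-in events: (time, source IP, attempted username, result).
EVENTS = [
    ("2018-11-01T02:00:11Z", "198.51.100.7",  "jane.doe@example.com",   "FAIL"),
    ("2018-11-01T02:03:40Z", "203.0.113.19",  "jdoe@example.com",       "FAIL"),
    ("2018-11-01T02:09:02Z", "192.0.2.44",    "doe.jane@example.com",   "FAIL"),
    ("2018-11-01T02:15:27Z", "198.51.100.93", "jane.m.doe@example.com", "FAIL"),
    ("2018-11-01T02:21:55Z", "203.0.113.200", "janedoe@example.com",    "FAIL"),
    ("2018-11-01T09:00:01Z", "192.0.2.10",    "bob.lee@example.com",    "FAIL"),
    ("2018-11-01T09:00:20Z", "192.0.2.10",    "bob.lee@example.com",    "FAIL"),
    ("2018-11-01T09:00:41Z", "192.0.2.10",    "bob.lee@example.com",    "OK"),
]

def surname_key(username, surnames):
    """Return the longest known surname found in the username's local part."""
    local = re.sub(r"[^a-z]", "", username.split("@")[0].lower())
    hits = [s for s in surnames if s in local]
    return max(hits, key=len) if hits else None

def find_enumeration(events, surnames, min_variants=5, max_per_ip=1):
    """Flag people hit with many username guesses from single-use source IPs."""
    variants = defaultdict(set)                      # surname -> usernames tried
    per_ip = defaultdict(lambda: defaultdict(int))   # surname -> ip -> failures
    for _ts, ip, user, result in events:
        key = surname_key(user, surnames) if result == "FAIL" else None
        if key is None:
            continue
        variants[key].add(user.lower())
        per_ip[key][ip] += 1
    alerts = []
    for key, names in variants.items():
        # Many spellings of one person, yet no IP repeats: per-IP lockout never fires.
        if len(names) >= min_variants and max(per_ip[key].values()) <= max_per_ip:
            alerts.append({"person": key, "variants": len(names),
                           "source_ips": len(per_ip[key])})
    return alerts

if __name__ == "__main__":
    print(find_enumeration(EVENTS, {"doe", "lee"}))
```

The second user in the sample (repeated failures from one IP, then success) looks like a mistyped password and is not flagged, which is the distinction per-IP or per-account counters alone miss.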

Identifying cloud threats is like finding a needle in the CloudStack
100M:1 events:threats
Source: McAfee Cloud Adoption Report, Nov 2018

Office 365 contains the most sensitive data, at 31%
[Chart: share of sensitive data by service: High-Risk Shadow, Med/Low-Risk Shadow, Salesforce, Custom Apps, AWS, Slack, Google Docs, Office 365, Box, ServiceNow]
Source: McAfee Cloud Adoption Report, Nov 2018

Threats in Office365 have grown 63% in past two years

Shared Responsibility Model for IaaS/PaaS
Layers: Data Classification & Accountability; Client & End-Point Protection; Identity & Access Management; Application Level Controls; Network Control; Host Infrastructure; Physical Security

Shared Responsibility Model for IaaS/PaaS
Threats: Rogue Use, Provisioning Sprawl, Compromised Accounts, Containers and Workloads, Misconfiguration, Workload to Workload Communication, Malware

AWS dominates in terms of user access count
Source: McAfee Cloud Adoption Report, Nov 2018

Most organizations have a multi-cloud strategy
Source: McAfee Cloud Adoption Report, Nov 2018

Average organization has 14 misconfigured IaaS services running at a given time
Source: McAfee Cloud Adoption Report, Nov 2018

Top 10 most commonly misconfigured AWS services
1. EBS Data encryption is not turned on
2. There's unrestricted outbound access
3. Access to resources is not provisioned using IAM roles
4. EC2 security group port misconfigured
5. EC2 security group inbound access misconfigured
6. Unencrypted AMI
7. Unused security groups
8. VPC Flow logs disabled
9. Multi-factor authentication not enabled for IAM users
10. S3 bucket encryption not turned on
Source: McAfee Cloud Adoption Report, Nov 2018

Source: McAfee Cloud Adoption Report, Nov 2018

GhostWriter Threat
Attack MO:
- Identify publicly readable, writeable or AWS user readable, writeable buckets
- Identify publicly modifiable or AWS user modifiable ACLs
- Plant malware in the publicly accessible AWS buckets
Threat Objectives:
- Leak hundreds of thousands of records from misconfigured S3 buckets
- Distribute malware using trusted IaaS instances
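An audit sketch for the bucket conditions the GhostWriter slide lists (readable, writeable or ACL-modifiable by the public or by any AWS user), added here as an example and not taken from the presentation. It assumes ACLs in the shape returned by S3's GetBucketAcl; the bucket names and grants are constructed.

```python
ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"
AUTH_USERS = "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"
AUDIENCE = {ALL_USERS: "public", AUTH_USERS: "any-aws-user"}

# What each S3 ACL permission lets the grantee do, in the slide's terms.
# READ_ACP (view the ACL) is not one of the listed conditions, so it maps to nothing.
EFFECTS = {
    "READ": {"read"},
    "WRITE": {"write"},
    "WRITE_ACP": {"modify-acl"},
    "READ_ACP": set(),
    "FULL_CONTROL": {"read", "write", "modify-acl"},
}

def group_grant(uri, permission):
    return {"Grantee": {"Type": "Group", "URI": uri}, "Permission": permission}

# Constructed ACLs keyed by bucket name.
ACLS = {
    "example-assets": {"Grants": [group_grant(ALL_USERS, "READ"),
                                  group_grant(AUTH_USERS, "WRITE_ACP")]},
    "example-dropbox": {"Grants": [group_grant(ALL_USERS, "FULL_CONTROL")]},
    "example-private": {"Grants": [
        {"Grantee": {"Type": "CanonicalUser", "ID": "constructed-owner-id"},
         "Permission": "FULL_CONTROL"}]},
}

def audit_acl(bucket, acl):
    """Return sorted (bucket, audience, effect) findings for group grants."""
    findings = set()
    for grant in acl.get("Grants", []):
        grantee = grant.get("Grantee", {})
        if grantee.get("Type") != "Group":
            continue                      # owner and named-account grants are out of scope
        audience = AUDIENCE.get(grantee.get("URI"))
        if audience is None:
            continue                      # other groups, e.g. log delivery
        for effect in EFFECTS.get(grant.get("Permission"), set()):
            findings.add((bucket, audience, effect))
    return sorted(findings)

def audit_all(acls):
    return [f for name in sorted(acls) for f in audit_acl(name, acls[name])]

if __name__ == "__main__":
    for finding in audit_all(ACLS):
        print(*finding)
```

This covers ACL grants only; bucket policies can also open a bucket and need their own check.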

Average organization experiences 1,527 DLP incidents in IaaS/PaaS per month
Source: McAfee Cloud Adoption Report, Nov 2018

In 2018, the 60% of enterprises that implement appropriate cloud visibility and control tools will experience 33% fewer security failures
Source: Gartner

Security of the past is inadequate
Source: Gartner

Security of the Past was Network-centric
Enterprise Data and Applications were Secured by Locking Everything Down
[Diagram: Network, Devices, Enterprise Data center]

Security of the Cloud has to be Cloud-native
[Diagram: SaaS, IaaS/PaaS]
Enterprise Data Creation and Access in the Cloud Bypasses Existing Network Security Infrastructure

Security of the Cloud has to be Cloud-native
[Diagram: SaaS, IaaS/PaaS]
and has to be convenient enough!

Cloud-native Security: Regaining Visibility w/o Friction
[Diagram: SaaS, Devices, Cloud-native Security Platform, IaaS/PaaS]
- Connect and Regain Visibility

Cloud-native Security: Enforcing Control w/o Friction
[Diagram: SaaS, Devices, Cloud-native Security Platform, IaaS/PaaS]
- Connect and Regain Visibility
- Enforce Threat and Data Protection Policies

Cloud-native Security Platform
[Diagram: SaaS, Managed and Unmanaged Devices, IaaS/PaaS]
- Visibility: Gain complete visibility into data, workloads, containers and user behavior in the cloud
- Control: Apply persistent protection to sensitive data and take real-time action to correct policy violations

Making Cloud the Most Secure Environment for Business
- Cloud increasingly is home to sensitive enterprise data
- Data sharing in the cloud is increasing
- Data loss and threat vectors span SaaS and IaaS/PaaS
- Cloud security is a shared responsibility
- Deploy cloud-native security platform

Thank you!