Proteggere Office365 e Cloud file sharing in meno di un minuto Tiberio Molino Sr.Sales Engineer Trend Micro
2
Customer Challenges 3
Most Attacks Include Phishing Emails 5
Advanced Malware Difficult to Detect 90% of malware is used only once Network Breach Detection Systems help but miss traffic between offnetwork devices and SaaS services MS Office files with malware used in 60% targeted attacks 60% 6
User behavior changing: Email Attachments Cloud File Sharing 7 Email gateways don t see files which are already in the cloud!
What are Users Uploading to the Cloud? Compliance data? Sensitive information? 8
Many Companies Gradually Move to Cloud Intermediate stage to full cloud deployment May always keep group of users on premises Want equivalent protection without extra management 9
Before Cloud Apps Network boundary Most components are inside network boundary Can add layered protection including endpoint, SharePoint, DLP, gateways, sandboxing
Endpoints are frequently outside the corporate network Network boundary Email and documents move to the cloud, gateways can t see them
An attacker sends a zero-day infected PDF to a remote employee s personal email
The employee uploads to Office 365 Another employee sees the PDF and downloads it
And this employee sends the PDF to a customer Customer
500,000 NEW unique threats EVERY day! 90% of malware Data Center only affects 1 device 90% of attacks begin with a spear-phishing email 16 Copyright 2015 Trend Micro Inc. Source: Trend Research 2015
Why do I need to supplement the security built in to Office 365? Exchange Online is designed and SLA backed to catch 100% known malware But 90% malware is used only once. Only 10% malware is known. Every customer needs a strategy to deal with unknown malware If you bought a new home with a smoke detector guaranteed to detect 10% of fires would you supplement it? 17 Copyright 2015 Trend Micro Inc.
RANSOM_CERBER.A 18 Copyright 2015 Trend Micro Inc.
Securing SaaS-based Applications Advanced Threat Detection Finds zero-day and hidden threats Sandbox file analysis in the cloud Web reputation for URLs in email/files Data Loss Prevention (DLP) Discovery and visibility into confidential data usage. DLP enforcement for cloud file sharing 240 customizable templates Direct cloud-to-cloud integration using vendor API s. No user changes, email rerouting, or web proxy. 19
Cloud App Security Architecture API s https DLP URL scan Malware scan / file risk assessment (Microsoft Azure datacenters) https Sandbox Analysis <2% of files (Trend Micro datacenters) Trend Micro Cloud App Security 20 All communications encrypted No email/files stored Quarantines located in customers accounts for Office 365, Box, Dropbox, Google Drive
Simple and Elegant Integration with SaaS Services API Cloud App Security Direct cloud-to-cloud integration using vendor s API s No impact to user/admin functionality Supports all devices, anywhere Fully automatic setup (above 5000 users contact Trend Micro for best practices) MX R e c o r d S o f t w a r e U s e r settings We b p r o x y 21
Cloud App Security s DLP Functionality 240 built in compliance templates which can be customized Import, create your own templates Exchange Online OneDrive for Business, Box, Dropbox, Google Drive, SharePoint Online Discovery (manual scan of database) Visibility / Reporting Enforcement delete/quarantine Not available* * in-line blocking of email DLP violations is not available due to a limit of the Microsoft API 22
How is it different from Microsoft s Advanced Threat Protection Service? 1. More Protection Microsoft ATP Trend Micro Cloud App Security Office 365 email OneDrive, SharePoint Box, Dropbox, Google Drive 2. Fewer Delays Trend Micro risk assessment avoids sandboxing 98% files and analyzes files quicker: Microsoft ATP Trend Micro Cloud App Security Average sandbox time 7-8 min* 4-5 min * MSFT users report frequent 15-30 min delays 3. Better Protection Trend Micro top rated Deep Discovery technology Microsoft new unproven technology AV-Test finds Trend Micro 100% effective against unknown malware and Microsoft only 76.5% Cloud App Security detected 1.2M malicious files Jul 15-May 16. If it had an effectiveness score of only 76.5%, then 282,000 malware would have remained undetected AV-Test.org Jan-Jun 2015 testing of endpoint security products shows the relative effectiveness of security technologies against unknown malware 23
Cloud App Security Service Delivery Netherlands US Germany US Japan Cloud App Security service, hosted by Microsoft Azure Sandbox service (<2% files), hosted by Trend Micro 99.9% Available No email/files stored by Trend Micro Quarantines located within customer accounts for Office 365, Box, Dropbox US & EMEA sites are not interconnected All communications use encrypted https 24
Find Hidden and Zero Day Malware Dynamic Sandbox Analysis Leverages technology from Trend Micro Deep Discovery: 27
Central Visibility with Control Manager User centric threat and DLP visibility across web, endpoint, email, cloud security layers Single viewpoint into hybrid Office 365 & on-premises Exchange architectures 28
More protection than a SaaS email gateway solution Redirect email with MX-Record change SaaS Email Gateway Direct API integration into the cloud service Cloud App Security Email Gateway Cloud App Security Inbound email Spam, Threat Threat (including malicious spam) Internal email no protection Threat, DLP reporting Outbound email Threat, DLP enforcement, email encryption Threat, DLP reporting (no enforcement for outbound) Cloud file sharing & collaboration no protection Threat, DLP enforcement 30
31
Demo! 33
34
www.trendmicro.com/office365 36
Grazie! tiberio_molino@trendmicro.it 37