Copyright (C) 2015 Elastica, Inc. Confidential Information. Do Not Distribute!
Enabling Dropbox for Business
Excellent security team and controls in
place to protect your data from hackers
More and more enterprises are confident
trusting their data with Dropbox
Can be deployed with a
Single Sign-On solution
Dropbox for Business is a secure solution
Johnny.B.Good
•••••••••••••••
What is not secure…
Password-based authentication has
inherent limitations
Human Nature – intentional or accidental
misuse of a valuable tool
Even if the tool is secure, organizations need
to govern their use of the tool
Compliance Risks?
Compromised Credentials?
Malicious Insiders?
Data Governance?
Malware Threats?
Unsecured BYOD Access?
No malicious intent just bad practice
Determined internal threat
Compromised devices or credentials
Inappropriate sharing of
critical content
Broad sharing of data
outside of specified groups
Moving restricted data
between services
Sending data to external sources
without considering implications
Failing to limit collaborators
to appropriate groups
Disgruntled employee
Dishonest Employee
Employee leaving to
join competitor
Terminated employee
who still has access
Uploading critical data
to personal storage
Phishing attacks
Man in the middle
Keystroke loggers
Stolen device
Stolen credentials
Socially engineered theft
Threat Vectors
12% 7% 80%
Aberdeen Group report: SaaS Data Loss — The Problem You Didn’t Know You Had (2014)
Zeus-style malware hidden under
user https session
Illegal transactions made. Data stolen and uploaded
under https session! No visibility
Malware Example
Zeus-like Malware targets Cloud Apps
Who Controls Sharing?
Sharing has become democratized (no longer top-down controls)
Even file owners no longer fully control how their files are shared
Alice shares a file with
Bob
Shadow Data
Bob shares that file publicly
without Alice’s knowledge
Inadvertent Sharing
Legacy Sharing
Over Sharing
Public Shares / “Loose” Shares
Inherited File & Folder
Permissions
Forgotten Shares
Shadow Data
former staff freelance contractor from 2007
media contact with access to master
“marketing” folder
2037 files stored in the cloud per user (average)
185 files per user are broadly shared (average)
All Company 68%
External 19%
Public 13%
20% of these files contain compliance related data
PII 56%
PHI 29%
PCI 15%
5% of users responsible for 85% of risk!
Shadow Data
Bob
Shared
Payroll.docx
with Alice
But it’s not that simple
Alice is an External Collaborator
Using Dropbox
From an Unmanaged Device
The File Contains PII Risk
From an Anomalous Location
Required Granularity of Visibility and Control
Relies on outdated perimeter concept
Does not understand cloud app activity at a granular level
Is not context aware
Many times ignores encrypted traffic
Assumes links are safe
Traditional Security Approaches Fall Short
Traditional Company Environment
?
Gaining Visibility into Cloud Apps
Gateway
front door
back door
StreamIQ™
Deep visibility into
encrypted cloud traffic
Extracts all cloud
service objects and
activities (upload,
download,
share, delete)
Understands internal
vs. external
collaborators
ContentIQ™
Machine learning, semantic
analysis, natural language
processing, etc. used to provide
accurate file classification and
risk assessment (PII, PCI,
HIPAA, Source Code, etc.)
Use the above in policy to easily
alert, block, or remediate
ThreatScore™
Dozens of machine learning models
run per-user against StreamIQ™
events to tease out weak signals
indicating compromise, intentional
malicious activity, or accidental risky
behavior
Never before possible at this scale
100’s of thousands of users harnessing the power of the cloud
Data Science Enables File Sharing in the Cloud
Data Science Powered™ Cloud App Security
Elastica GW
Cloud APIs
FW Logs
Elastica CloudSOC™
Business Readiness Rating™
ThreatScore™
Content Classification
Granular Cloud Usage
PII PCI PHI Source Code
StreamIQ™
ContentIQ™
Machine Learning Semantic Analysis Natural Language Processing Graph Theory
Data Science Powered™ Cloud App Security
Fully understand how files are being shared in your organization
Quick and Easy – setup in minutes. Start seeing results in a couple hours!
Expose risky content and develop policy/coach users
Find PII, PCI, HIPAA, Encrypted/Compressed Files, Source Code and more
Drill down on risky behaviors and perform immediate incident response
Find compromised user accounts, suspicious behavior, malware
Get your Shadow Data Risk Assessment from your local Elastica team today!
Visit us to learn how
you can find risks and
protect critical content
in your file sharing
apps.
elastica.net