ciso platform webcast: shadow data exposed
TRANSCRIPT
![Page 1: Ciso Platform Webcast: Shadow Data Exposed](https://reader033.vdocument.in/reader033/viewer/2022042816/559457e21a28ab5e2f8b471f/html5/thumbnails/1.jpg)
Shadow Data Exposed@Zulfikar_Ramzan / CTO / www.elastica.net
12-November-2014
![Page 2: Ciso Platform Webcast: Shadow Data Exposed](https://reader033.vdocument.in/reader033/viewer/2022042816/559457e21a28ab5e2f8b471f/html5/thumbnails/2.jpg)
Overview
Rapid increase
in enterprise cloud service
adoption (SaaS , IaaS): Shadow IT.
Sensitive data stored on these services is also
increasing: Shadow Data.
Organizations (legacy
technologies) lack visibility into
these movements.
![Page 3: Ciso Platform Webcast: Shadow Data Exposed](https://reader033.vdocument.in/reader033/viewer/2022042816/559457e21a28ab5e2f8b471f/html5/thumbnails/3.jpg)
SaaS - Fastest Growing Segment of Public
Cloud
3
$130B SaaS Market by 2020
![Page 4: Ciso Platform Webcast: Shadow Data Exposed](https://reader033.vdocument.in/reader033/viewer/2022042816/559457e21a28ab5e2f8b471f/html5/thumbnails/4.jpg)
Methodology
Used APIs for
cloud file
sharing
services (Box,
Google Drive)
Identified
seven high-
level risks
(backed by
data)
100MM+ files
anonymized,
analyzed
Wide variety
of regulated
and targeted
verticals
![Page 5: Ciso Platform Webcast: Shadow Data Exposed](https://reader033.vdocument.in/reader033/viewer/2022042816/559457e21a28ab5e2f8b471f/html5/thumbnails/5.jpg)
Risk 1: Volume of Content in File Sharing Apps
is on the Rise
5
• Roughly 9% of files are broadly shared• Of these, 68% shared company wide, 19%
shared externally, 13% share publicly• Speaks to ease of sharing!
![Page 6: Ciso Platform Webcast: Shadow Data Exposed](https://reader033.vdocument.in/reader033/viewer/2022042816/559457e21a28ab5e2f8b471f/html5/thumbnails/6.jpg)
Risk 2: Up to 20% of broadly shared files contain
compliance-related data
Personally Identifiable Information (PII)
Protected Health Information (PHI), governed by
HIPAA
Payment Card Information (PCI), governed by PCI-
DSS6
![Page 7: Ciso Platform Webcast: Shadow Data Exposed](https://reader033.vdocument.in/reader033/viewer/2022042816/559457e21a28ab5e2f8b471f/html5/thumbnails/7.jpg)
Risk 3: Sensitive and valuable data is often at
risk
Data Governance extends beyond compliance
There are many kinds of sensitive documents that should not be widely shared
7
![Page 8: Ciso Platform Webcast: Shadow Data Exposed](https://reader033.vdocument.in/reader033/viewer/2022042816/559457e21a28ab5e2f8b471f/html5/thumbnails/8.jpg)
Risk 4: Inbound sharing can create liability and risk for your organization
INBOUND
SHARING IS
INCREDIBLY
EASY
DATA WILL
NOT PASS
THROUGH
YOUR
PERIMETER
WHAT
LIABILITIES
ARE
CREATED?
![Page 9: Ciso Platform Webcast: Shadow Data Exposed](https://reader033.vdocument.in/reader033/viewer/2022042816/559457e21a28ab5e2f8b471f/html5/thumbnails/9.jpg)
Risk 5: The worst offenders are often
concentrated to just a few
9
PARETO
PRINCIPLE
APPLIES
FOCUS
EDUCATION
ON THESE
BAD
ACTORS
WANT TO
KNOW WHO
IS BEHIND
ACTIONS
![Page 10: Ciso Platform Webcast: Shadow Data Exposed](https://reader033.vdocument.in/reader033/viewer/2022042816/559457e21a28ab5e2f8b471f/html5/thumbnails/10.jpg)
Risk 6: Passwords and encryption are not
enough
10
![Page 11: Ciso Platform Webcast: Shadow Data Exposed](https://reader033.vdocument.in/reader033/viewer/2022042816/559457e21a28ab5e2f8b471f/html5/thumbnails/11.jpg)
Risk 7: Efficient remediation can save days of
effort per user
11
67minutes
16seconds
vs
![Page 12: Ciso Platform Webcast: Shadow Data Exposed](https://reader033.vdocument.in/reader033/viewer/2022042816/559457e21a28ab5e2f8b471f/html5/thumbnails/12.jpg)
Tectonic Shift in the Market
1
2
On Premises SOC 1.0
Unmonitored activities
Outside reach of SOC 1.0
On-PremisesMany pieces to Buy, Assemble & Operate
The Need for Visibility
![Page 13: Ciso Platform Webcast: Shadow Data Exposed](https://reader033.vdocument.in/reader033/viewer/2022042816/559457e21a28ab5e2f8b471f/html5/thumbnails/13.jpg)
Elastica’s CloudSOCTM Taps Multiple
Sources
1
3
Elastica CloudSOC
Firewall
Gateway
MDM
API
Remote
Worker
Gateway
MDM
Firewall
BYOD
On-premises worker
Gaining Visibility
![Page 14: Ciso Platform Webcast: Shadow Data Exposed](https://reader033.vdocument.in/reader033/viewer/2022042816/559457e21a28ab5e2f8b471f/html5/thumbnails/14.jpg)
Recap
1Volume of content on the rise
220% of broadly shared files contain compliance data
3Sensitive & valuable data is often at risk
4Inbound sharing creates liability & risk for yourorg.
5
Worst offenders are often concentrated to just a few
6
Passwords and encryption are not enough
7Efficient remediation can save days of effort per user
VISIBILITY ACTION
![Page 15: Ciso Platform Webcast: Shadow Data Exposed](https://reader033.vdocument.in/reader033/viewer/2022042816/559457e21a28ab5e2f8b471f/html5/thumbnails/15.jpg)
Next Steps
Shadow Data Exposedhttp://www.elastica.net/wp-file-sharing/
The 7 Deadly Sins of Traditional DLP in the New World of Shadow IThttp://www.elastica.net/ebook-7sins-dlp
http://www.linkedin.com/company/elastica
https://www.facebook.com/ElasticaInc
@ElasticaInc