isc2-preso-2015
TRANSCRIPT
1 © Copyright 2014 EMC Corporation. All rights reserved. © Copyright 2014 EMC Corporation. All rights reserved.
(ISC)2 Cloud Security Overview
EMC Corporate Case Study Frank Murphy Customer Success Manager
2 © Copyright 2014 EMC Corporation. All rights reserved. © Copyright 2014 EMC Corporation. All rights reserved.
Topics
The Challenge
Case Study
Lessons Learned
Closing Thoughts
Deployment
3 © Copyright 2014 EMC Corporation. All rights reserved. © Copyright 2014 EMC Corporation. All rights reserved.
The Way We Work Is
Changing
Share Access
Send Protect
4 © Copyright 2014 EMC Corporation. All rights reserved. © Copyright 2014 EMC Corporation. All rights reserved.
What users
expect from
Legacy IT
What users expect today
in the consumer-friendly
Digital Age
Slow and Process-Heavy Simple: Search, Click, Buy
5 © Copyright 2014 EMC Corporation. All rights reserved. © Copyright 2014 EMC Corporation. All rights reserved.
Consumerism and the Enterprise By the Numbers
1 Trillion + S3 Objects
$55B yearly
Cloud Storage is Mainstream now
Tablet sales outpace PCs
500 Mil.
Enterprise data recoverable
from Drop Box
0 Drop Box and
consumers tools
proliferate
7 © Copyright 2014 EMC Corporation. All rights reserved. © Copyright 2014 EMC Corporation. All rights reserved.
CIO
Vic Bhagat CISO
Dave Martin
Service Owner
Ian Fitzgerald
• Give a consistent, convenient experience
• Be productive whether in the office or on the go
• Users are sophisticated enough to go around IT to get what they want
• Going consumer puts data at risk without IT knowing
• Cloud Storage has flexible scaling
• Elastic Growth and QoS
8 © Copyright 2014 EMC Corporation. All rights reserved. © Copyright 2014 EMC Corporation. All rights reserved.
Overview
EMC IT Requirements: • A secure sync-and-share solution • Hybrid deployment: The IT organization preferred
software as a service (SaaS) • Use on-premises storage in EMC’s private cloud to
manage and control company data. • Enterprise-grade security, including integration with EMC
Single Sign On And two-Factor authentication • Virtualized servers to allow rapid deployment and scaling
to tens of thousands of EMC users • Secure access from anywhere, on any managed device. • A simple user experience, to encourage adoption • A “birthright” every new user gets an account • Primary StorageVault in the US, new StorageVault in
EMEA for regulatory & performance benefits
Sources: http://www.emc.com/collateral/customer-profiles/h12942-EMC-IT-Deploys-Syncplicity-cp.pdf http://www.emc.com/collateral/customer-profiles/h13009-emc-it-deployed-syncplicity-cp.pdf
9 © Copyright 2014 EMC Corporation. All rights reserved. © Copyright 2014 EMC Corporation. All rights reserved.
Current State: 50K+ Users GRANULAR POLICY-DRIVEN STORAGE
DATA RESIDENCY CONTROL
ECONOMIC GAINS WITH SECURITY CONTROLS
Engineering Sensitive Content Finance/Legal Marketing
10 © Copyright 2014 EMC Corporation. All rights reserved. © Copyright 2014 EMC Corporation. All rights reserved.
From Carrots to Carts
Lessons Learned
CISO’s “Carrot & Stick” – “The best way to secure a process isn’t to lock
it down, but allow it to happen with proper controls & reporting in place”
– Encourage adoption and enforce controls
IT as a Service Provider – IT Services Portal and Shopping Cart
– Peer-to-peer community based support, Customer Success webinars hosted by IT
11 © Copyright 2014 EMC Corporation. All rights reserved. © Copyright 2014 EMC Corporation. All rights reserved.
Syncplicity gives IT the
SECURITY & CONTROL they need to deploy at scale
SECURITY User | Device | Folder | File Encryption, SSO, Remote Wipe, Retention, Reporting & Monitoring, Sharing/Access/Mobile Policies
ADMINISTRATION AND MANAGEMENT User Management, Group Management, AD Sync
FRICTIONLESS USER EXPERIENCE
12 © Copyright 2014 EMC Corporation. All rights reserved. © Copyright 2014 EMC Corporation. All rights reserved.
External Sharing Policies
Folder Remote Wipe Policy
Folder Sharing Permissions
Folder
AD/SAML SSO
AD Provisioning
User and Group Management
Group Storage Quotas
Account Remote Wipe
Group-Level Policies
User
Optional 2-Factor Auth
MDM Integration
Access Restriction Policies
Device Remote Wipe
Mobile Sync Policies
Silent Installer
Device
End-to-End Encryption
IRM
Shared File Policies
File Type Restrictions
Data Retention Policies
Data Ownership
File
13 © Copyright 2014 EMC Corporation. All rights reserved. © Copyright 2014 EMC Corporation. All rights reserved.
Considering Online File Sharing?
Know the Market & Product
– Gartner MQ, Forrester Research
– Get Attestations
– Identify Compensating Controls
Understand Business Models
– If its free, ask: Why is it Free?
– IT must be a service enabler. Rebooting isn’t enough anymore.
14 © Copyright 2014 EMC Corporation. All rights reserved. © Copyright 2014 EMC Corporation. All rights reserved.
Thank You