securing office 365: security gaps the enterprise must fill
DESCRIPTION
As much as Silicon Valley startup execs love to portray Microsoft as a dinosaur, the fact is that Office 365 adoption is accelerating in the enterprise. Office 365 offers a promising compromise for enterprises deciding, “to cloud or not to cloud": Bring cloud-based productivity tools under the company’s security umbrella so that people can work the way they want to, without sending sensitive company data astray. The idea that you can simply shift responsibility for your company’s data security to Microsoft, however, couldn’t be further from the truth. You can achieve Office 365 data security... but only through a partnership that involves, at its core, a comprehensive in-house security plan, together with Office 365’s built-in security functionality. In this webinar, Ben Kepes, technology evangelist and subject matter expert, and Rich Campagna, VP Products at Bitglass, will help you understand where Microsoft’s security responsibility ends, and where yours begins, highlighting key gaps to keep in mind as you make the move to Office 365, and how to solve them.TRANSCRIPT
Securing
Gaps the Enterprise Must Fill
Ben KepesTechnology Evangelist
Rich CampagnaVP, ProductsBitglass
© 2014 Bitglass – Confidential: Do Not Distribute
Cloud Adoption - Are We There Yet?
Source: 2014 Bitglass Cloud Adoption Report - http://pages.bitglass.com/five_essentials_cloud_adoption.html
But isn’t the cloud already secure?
No
No
Maybe
No
Yes
Yes
Yes
Yes
Even the experts can’t agreeP
SaaS Security = Joint Responsibility
Usage/Consumption
Data
Application
Services
Servers & Storage
Network
Data
Application
Infrastructure
Enterprise
App Vendor
● Vendor controls the infrastructure and systems
● Customer still needs good processes and systems
● GRC is still key
© 2014 Bitglass – Confidential: Do Not Distribute
Single sign on
Auditing
Access control
DLP
Mobile device management
What Tools Do Enterprises Need?
P
Data Outside the Firewall - Risk
Mobile
Clo
ud
In the Cloud At Access
On the DeviceOn the Network
Attack on SaaS vendor risks sensitive data
Download of data without audit trail
Upload of corporate data to Dropbox
Lost tablet containing financial records
Bitglass Total Data Protection
*Patents pending Mobile
Clo
ud
In the Cloud* At Access*
On the Device*On the Network
Public cloud flexibility, private cloud security
Complete visibility and control over all transactions
Discover shadow apps in-use on the network
Protect cloud data sync’d to devices
© 2014 Bitglass – Confidential: Do Not Distribute
Ben Kepes
@benkepes
Questions?
Rich Campagna
@bitglass
© 2014 Bitglass – Confidential: Do Not Distribute
Total Data ProtectionOutside the Firewall