I met with Rajneesh Chopra, VP Product Management based in California, Yu Jing Cheng, Regional Sales Director for Australia and New Zealand, and Michael See, Director, Sales Engineering. Their collective aim was to educate me in the heady world of cloud, data loss prevention (DLP) and a new term – Cloud Access Security Brokers (CASB). They also wanted Australia to know that it now had a Netskope cloud in Australia that complied with the various government specifications.
First some definitions
DLP is a strategy for making sure that end users do not send sensitive or critical information outside the corporate network. The term is also used to describe software products that control what data end users can transfer.
A CASB is on-premises or cloud-hosted software that acts as a control point to secure cloud services. It covers a range of capabilities, including encryption, auditing, data loss prevention, access control, and anomaly detection, e.g.:
- Discovery of all cloud services and apps in use by employees
- Assessment of the risk of each cloud service or app
- Auditing and logging of cloud usage
- Ability to demonstrate compliance in the cloud
- Encrypt or tokenize data to protect against breaches and for compliance
- Ways to detect malware
- Control access based on user, device, location
Rajneesh started by talking about trust – what should, and what should not, be kept in the cloud. “Three years ago cloud was more a concept than a reality. Today every major corporation and government uses the cloud in various ways and the stakes for protecting that data are even higher when you take into account both the content and context of the data stored there,” he said.
He referred to the Australian Bureau of Statistics report on cloud usage in Australia (note this was recently released and covers the 2013-14 year), which shows a steady increase in cloud deployment for enterprises employing more than 200 people. Among those companies, the threat of a security breach topped the list of cloud fears, with more than 30 percent of respondents nominating it as an obstacle.
He explained that even at enterprise level, APIs from Google, Facebook, Twitter and more are being used on mobile endpoints to sign into enterprise clouds. While this makes sign-in easier for the user, it increases the potential for confidentiality breaches - convenience can be abused.
Rajneesh talked about the three stages of safe cloud enablement.
- Find all the cloud apps and services running in your environment and assess the risks. Netskope can provide compliance certifications, security and audit features, business continuity capabilities, and legal terms that define if an app is enterprise-ready or not.
- Understand activity and data level usage. Are there apps uploading or downloading personally identifiable information (PII) that should not be? What sensitive content do we have in our sanctioned cloud storage app, regardless of when it was uploaded? Detect anomalous behaviour that could signal compromised credentials, non-compliant behaviour, or even malware. Create activity audit trails following a suspected event.
- Secure. Rather than completely block apps, enforce granular policies like ‘Block sharing if it’s to someone outside of the company’ or ‘Encrypt any PII found in our sanctioned cloud storage app.’
Rajneesh explained that too many blocking systems produced false positives. “Let’s say that you have the word ‘Secret’ on your rules list. Traditional DLP will report that each and every time it appears but Netskope can ‘drown out that noise’ via machine learning and setting confidence levels – it gives you very fine grain control over data,” he said.
“Then there are apps installed on endpoints – most harmless enough but some can be dangerous in an enterprise environment. Netskope gives you precise control of apps, how they are used, and the context of their use,” he said.
“Netskope produces a kind of audit trail of metadata of all app and cloud interaction. It does this by redirecting all traffic from the endpoint device via the Netskope cloud – or you can have it on premise. There is no noticeable addition of latency,” he said.
“Netskope sells its services via partners. In Australia we are economical from about 300 seats,” said Yu Jing Chen.
DLP and app security on endpoints are two burning issues that this software addresses. I was heartened to see it also worked with other DLP solutions like Symantec. It is all about confidence in using the cloud.