HIPAA Requirements for Complete Cloud Security


Transcript of HIPAA Requirements for Complete Cloud Security

Page 1: HIPAA Requirements for Complete Cloud Security

STORYBOARDS

Rich Campagna: suggest removing this slide - think we can talk through this in the next slide
Page 2: HIPAA Requirements for Complete Cloud Security


8% of healthcare orgs had cloud apps deployed in 2014

37% of healthcare orgs had cloud apps deployed in 2015

cloud adoption is rising fast

Bitglass Cloud Adoption Report

Page 3: HIPAA Requirements for Complete Cloud Security

the traditional approach to security is inadequate

Page 4: HIPAA Requirements for Complete Cloud Security

native security features can’t be relied upon: the data blind spot

components: usage/consumption, data, application, services, servers & storage, network

layer: data, application, infrastructure

owner: enterprise

Page 5: HIPAA Requirements for Complete Cloud Security

security must evolve to protect data outside the firewall

cloud: attack on SaaS vendor risks sensitive data

access: uncontrolled access from any device

network: data breach - exfiltration & Shadow IT

mobile: lost device with sensitive data

Page 6: HIPAA Requirements for Complete Cloud Security


HIPAA technical safeguards for cloud

■ access control

○ granular context-based controls over access to both managed and unmanaged devices

○ secure identity/authentication

■ transmission security

○ end-to-end encryption

■ audit and visibility

■ data integrity

Page 7: HIPAA Requirements for Complete Cloud Security

access controls: the new data reality requires a new security architecture

■ cross-device, cross-platform agentless data protection

■ granular DLP for data at rest and in motion

■ contextual access control

Page 8: HIPAA Requirements for Complete Cloud Security


controlling access from unmanaged mobile devices

■ secure mobile devices without invasive profiles or certificates; support multiple affiliations

■ protect data in “unwrappable” native apps like mail, contacts, calendar

■ selectively wipe corporate data

■ enforce device security policies

■ full data control and visibility for IT

Page 9: HIPAA Requirements for Complete Cloud Security

identity: centralized identity management is key to securing data

■ cloud app identity management should maintain the best practices of on-prem identity

■ SSO enables cross-app visibility into suspicious access activity

■ contextual multi-factor authentication mitigates risk

Page 10: HIPAA Requirements for Complete Cloud Security

transmission security: end-to-end protection

■ cloud data doesn’t exist only “in the cloud”

■ a complete solution must provide visibility and control over data in the cloud

■ solution must also protect data on end-user devices

■ leverage contextual access controls

Page 11: HIPAA Requirements for Complete Cloud Security


audit and visibility

■ detailed logging for compliance and audit

■ identify PHI data at rest and external sharing

■ easily modify sharing permissions and quarantine files for review

■ detect and be alerted instantly of suspicious behavior

Page 12: HIPAA Requirements for Complete Cloud Security


data integrity

■ secure the data in the cloud - where you have versioning and control over permissions

■ apply granular DLP to sensitive data with a spectrum of actions from watermarking to encryption

Page 13: HIPAA Requirements for Complete Cloud Security


CASB: a better approach to cloud security

identity

discovery

data-centric security

mobile

Page 14: HIPAA Requirements for Complete Cloud Security

secure office 365 + byod

challenge

■ Inadequate native O365 security

■ Controlled access from managed & unmanaged devices

■ Limit external sharing

■ Interoperable with existing infrastructure, e.g. Bluecoat, ADFS

solution

■ Real-time inline DLP on any device (Citadel)

■ Contextual access control on managed & unmanaged devices (Omni)

■ API control in the cloud

■ Discover data breach & Shadow IT

fortune 50 healthcare provider

Page 15: HIPAA Requirements for Complete Cloud Security

HIPAA compliant mobility

challenge:

■ Existing solution, AT&T Toggle, was obsolete

■ HIPAA-compliant BYOD

■ Migration path to Office 365

solution:

■ Agentless deployment

■ Usability, transparency & privacy

■ DLP of PII, PCI & PHI

■ Selective wipe; device PIN & encryption

■ Improved mobility for care providers

major US hospital system

Page 16: HIPAA Requirements for Complete Cloud Security

our mission: total data protection

est. jan 2013

100+ customers

tier 1 VCs

Page 18: HIPAA Requirements for Complete Cloud Security

bitglass.com | @bitglass