Glass Class - Securing Silicon Valley
Hi everyone, and welcome to Glass Class. Today we're going to be talking about some of the most common use cases we see technology companies using cloud access security brokers for. When a technology company embarks on the cloud and thinks about securing it, there are a couple of main goals. But chief amongst them are, number one, mitigating risk, and, number two, protecting intellectual property. In many ways, cloud apps are a boon to productivity. But if you do so at the expense of these two things, you've really not achieved much and put a lot of your organization at risk.
What are the main use cases? Technology companies, like a lot of companies, are moving to Office 365 in droves. That's a big driver for a lot of them. But what we see across technology companies that you may not see in other organizations is a very wide variety of cloud-based applications. These are early adopter types of organizations. They've probably been using a number of cloud-based applications for years. They have a highly technical workforce. The other thing you see here is a need to secure BYOD. Most of these organizations are allowing BYOD across their workforce, and the ability to protect data in those types of contexts is absolutely critical.
With these goals and with these use cases in mind, let's take a look at our cloud access security broker data protection stack and talk about what are the key elements that we see employed most often by technology companies. One, as we always say, identity is the cornerstone or the foundation of a lot of truly secure cloud security deployments. Second, getting an idea, a handle, on suspicious user activities that may be happening across your cloud app - whether it's because of credential compromise or malicious insiders is critical. Access control - we see a lot of this. Some people are more comfortable with managed devices versus unmanaged devices, so they want to put some restrictions on unmanaged device access. Things like external sharing out of an app like Office 365’s OneDrive are very scary.
Threat and malware - these are critical as well. As cloud applications become a bigger and bigger target, you see more and more bad actors attempting to get malware and other types of things (exploits) into these cloud-based applications where they can disperse across an organization and cause a lot of damage. Then, of course, because of this BYOD element, we have the mobile data protection piece that many technology providers or technology companies employ that allows them to protect that data not only in the cloud but the data that's synced or downloaded to employees’ endpoint devices.
There you have it, the most common set of technology components and use cases that we see across technology companies that are exploring and adopting cloud access security brokers. Thanks for joining Glass Class.