Shadow IT Challenge
You can’t enable, manage, secure, or block what you can’t see. Organizations, departments, and individual users are all embracing the cloud and leveraging new apps to help improve productivity, but the majority of new apps are being adopted without any involvement from IT or Security. This results in a big shadow IT challenge with the typical organization accessing hundreds of cloud apps that IT isn’t aware of. The lack of a coordinated cloud-enablement strategy typically leads to a broad set of productivity, expense, security, and support issues. You need full visibility into cloud activity and the ability to block unwanted apps to enable cloud adoption in a secure and organized fashion.
True visibility is more than just app identification. The first step is identifying the full spectrum of cloud apps that are in use in your organization, but that isn’t enough. You need to understand who the vendor is, what the app does, how many users are accessing it, the volume of requests, and what level of risk it represents. Figure 8-1 lists key questions that all organizations have.
Figure 8-1 Key questions organizations have
On average, 24,000 files are exposed per organization, with the majority done using non-corporate email addresses. Figure 8-2 illustrates data exposure per organization.
Figure 8-2 Data exposure per organization
Cisco Cloudlock
Cisco Cloudlock is a cloud-native cloud access security broker (CASB) that helps you move to the cloud safely. It protects your cloud users, data, and apps. Cloudlock’s simple, open, and automated approach uses APIs to manage the risks in your cloud app ecosystem. With Cloudlock, you can more easily combat data breaches while meeting compliance regulations. Figure 8-3 illustrates Cisco Cloudlock solution.
Figure 8-3 Cisco Cloudlock solution
Cloudlock discovers and protects sensitive information for users, data. and applications. Figure 8-4 provides an overview of Cisco Cloudlock.
Figure 8-4 Cisco Cloudlock overview
User Security
Cloudlock uses advanced machine learning algorithms to detect anomalies based on multiple factors. It also identifies activities outside allowed countries and spots actions that seem to take place at impossible speeds across distances.
You can defend against compromised accounts and malicious insiders with User and Entity Behavior Analytics (UEBA), which runs against an aggregated set of cross-platform activities for better visibility and detection.