閉める
閉める
明日に向けたネットワーク
明日に向けたネットワーク
サポートするアプリケーションとユーザー向けに設計された、より高速で、より安全で、回復力のあるネットワークへの道を計画します。
          Netskopeを体験しませんか?
          Netskopeプラットフォームを実際に体験する
          Netskope Oneのシングルクラウドプラットフォームを直接体験するチャンスです。自分のペースで進められるハンズオンラボにサインアップしたり、毎月のライブ製品デモに参加したり、Netskope Private Accessの無料試乗に参加したり、インストラクター主導のライブワークショップに参加したりできます。
            SSEのリーダー。 現在、シングルベンダーSASEのリーダーです。
            SSEのリーダー。 現在、シングルベンダーSASEのリーダーです。
            Netskope、2024年ガートナー、シングルベンダーSASEのマジック・クアドラントでリーダーの1社の位置付けと評価された理由をご確認ください。
              ダミーのためのジェネレーティブAIの保護
              ダミーのためのジェネレーティブAIの保護
              ジェネレーティブ AI の革新的な可能性と堅牢なデータ セキュリティ プラクティスのバランスを取る方法をご覧ください。
                ダミーのための最新のデータ損失防止(DLP)eBook
                最新の情報漏えい対策(DLP)for Dummies
                クラウド配信型 DLP に移行するためのヒントとコツをご紹介します。
                  SASEダミーのための最新のSD-WAN ブック
                  SASEダミーのための最新のSD-WAN
                  遊ぶのをやめる ネットワークアーキテクチャに追いつく
                    リスクがどこにあるかを理解する
                    Advanced Analytics は、セキュリティ運用チームがデータ主導のインサイトを適用してより優れたポリシーを実装する方法を変革します。 Advanced Analyticsを使用すると、傾向を特定し、懸念事項に的を絞って、データを使用してアクションを実行できます。
                        レガシーVPNを完全に置き換えるための6つの最も説得力のあるユースケース
                        レガシーVPNを完全に置き換えるための6つの最も説得力のあるユースケース
                        Netskope One Private Accessは、VPNを永久に廃止できる唯一のソリューションです。
                          Colgate-Palmoliveは、スマートで適応性のあるデータ保護により「知的財産」を保護します
                          Colgate-Palmoliveは、スマートで適応性のあるデータ保護により「知的財産」を保護します
                            Netskope GovCloud
                            NetskopeがFedRAMPの高認証を達成
                            政府機関の変革を加速するには、Netskope GovCloud を選択してください。
                              一緒に素晴らしいことをしましょう
                              Netskopeのパートナー中心の市場開拓戦略により、パートナーは企業のセキュリティを変革しながら、成長と収益性を最大化できます。
                                Netskopeソリューション
                                Netskope Cloud Exchange
                                Netskope Cloud Exchange(CE)は、セキュリティ体制全体で投資を活用するための強力な統合ツールをお客様に提供します。
                                  Netskopeテクニカルサポート
                                  Netskopeテクニカルサポート
                                  クラウドセキュリティ、ネットワーキング、仮想化、コンテンツ配信、ソフトウェア開発など、多様なバックグラウンドを持つ全世界にいる有資格のサポートエンジニアが、タイムリーで質の高い技術支援を行っています。
                                    Netskopeの動画
                                    Netskopeトレーニング
                                    Netskopeのトレーニングは、クラウドセキュリティのエキスパートになるためのステップアップに活用できます。Netskopeは、お客様のデジタルトランスフォーメーションの取り組みにおける安全確保、そしてクラウド、Web、プライベートアプリケーションを最大限に活用するためのお手伝いをいたします。

                                      Do You Know What’s Happening in the Cloud at Your Organization?

                                      Apr 03 2014
                                      Tags
                                      Data Loss Prevention Software
                                      Dropbox Security
                                      Netskope Cloud Report
                                      Risks
                                      Shadow IT
                                      Tools and Tips

                                      The following post was originally featured on the Cloud Security Alliance (CSA) blog:

                                      For as long as “Shadow IT” has existed, technology vendors have encouraged IT professionals to uncover unsanctioned apps in their organizations so they can block them. But people rely on apps like Box, Dropbox, Evernote, Jira, and Workday for business critical functions. A recent Cloud Report revealed that 90 percent of organizations grossly underestimate the number of cloud apps running in their environment, and 77 percent of cloud apps are not enterprise ready. The cloud is such a part of standard practice that blocking even non IT-run apps isn’t an option anymore.

                                      With just a little diligence, you can eliminate the catch-22 of letting people use the cloud apps they want while protecting the enterprise from data loss and network threats. By looking closely at cloud app usage, implementing granular policies, and using data to have a conversation, you can make employees more productive while protecting the business’ interests.

                                      Here are ten ways:

                                      1. Evaluate app risk. Discover the cloud apps in your environment and evaluate their risk against an objective yardstick. You can comfortably deploy and manage low-risk apps. For higher-risk ones – especially ones you don’t procure or administer – go a step further to evaluate how those apps are being used in your enterprise. Are they broadly deployed or used in important ways? Do they deal with sensitive data? If so, you may need to limit certain activities (e.g., share) across all of the high-risk apps or partner with the business to select less risky alternatives.
                                      2. Monitor usage. Go beyond simply discovering cloud apps in your environment to understand what people are doing in them. Measure users and usage volume to ascertain scope of the app’s impact. For heavily-used apps, identify activities (e.g., sharing, downloading, and editing), and build a business case to either support the app or, in the case of redundancy, suggest consolidation. Finally, look at usage through a risk lens, assigning each activity a risk level. When you find an app in which users are performing high-risk activities, set a policy blocking the risky activity.
                                      3. Look for anomalies. When monitoring activities, it’s important to set a baseline so you can detect anomalous behavior. Create a set of activities you regularly track for that could signal risky behavior or an external attack. Anomalies to watch out for include sudden spikes in usage, excessive downloading, and log-ins in from atypical locations or from two locations at once.
                                      4. Block an activity, not an app. Some technology vendors encourage IT to uncover unsanctioned apps so they can shut them down. This sledgehammer approach is so yesteryear and pits IT against the business. Rather than block apps wholesale, analyze the activities within apps that represent the most risk (e.g., downloading to a mobile device, sharing with someone outside of the company) and block them. This lets you shape the activity to mitigate risk. Make sure you do this for not just the apps you manage but especially for the ones you don’t.
                                      5. Protect data in context. Adopters of data leakage prevention solutions – or any detection technologies for that matter – know full well that too many false positives erode the value of a solution. Rather than just detect patterns or key words, define granular contextual situations incorporating user, group, app category, location, device, and activity (such as upload or share) that help narrow the scope of where a data breach is likely to occur. This helps increase accuracy when you do apply data loss prevention techniques such as blocking or encrypting.
                                      6. Have a conversation. Some businesses need to comply with strict regulations like PCI or HIPAA, but at the same time need to allow usage of cloud apps. In this case, when you find an app or app behavior that could hurt your compliance status, learn how the app is being used, come up with a few options to improve your compliance status, and then have a conversation about it with the user or line of business. Tapping someone on the shoulder and having a data-driven conversation increases the chance of an optimal outcome for everyone.
                                      7. Provide alternatives. If you need to block a certain app because it doesn’t meet your industry’s compliance needs, investigate and provide alternatives. It’s possible to identify apps that have similar features and functionality to riskier ones. Tell your staff why certain apps put the business at risk (e.g., poor auditability or lack of HIPAA compliance) and offer choices that better meet your criteria. This positions you as a problem-solver and increases the chances that personnel will solicit your input before procuring a cloud app next time.
                                      8. Trust but verify. Many businesses are reluctant to put onerous policies in place because their corporate culture centers on trusting people. However, being too trusting can compromise security and open you up to data leakage. To balance this, audit your cloud app usage on a periodic basis and set watch lists for particular behaviors that can signal a potential data breach or malicious activity.
                                      9. Do post-event forensics. Besides audits, perform forensic analysis after a suspected breach. For example, if a departing employee steals proprietary content to take to a competitor by downloading and re-uploading it to a cloud storage app, reconstruct a trail of those activities to generate the evidence you need to take action and even recover the content.
                                      10. Get specific. Run analytics and set policies based on combinations of app, category, user, group, location, device, OS, browser, time, app confidence score, activity, and content. This specificity allows you to be alerted when people in Investor Relations share content from a cloud app during the company’s quiet period, block downloads of sensitive documents to mobile devices, prevent HR employees from accessing salary data outside of work, and limit content uploads for people in Germany to apps hosted in the United States, among other parameter combinations.

                                      The above are ways to take a proactive approach to cloud adoption and enablement while also mitigating risk and keeping your businesses compliant with your policies. While you may find that sometimes the best course of action is to block an app, at least you have options and can make the decision with data.

                                      author image
                                      Sanjay Beri
                                      Sanjay brings more than two decades of innovation and success in the cloud, networking, and security industries.
                                      Sanjay brings more than two decades of innovation and success in the cloud, networking, and security industries.

                                      Stay informed!

                                      Subscribe for the latest from the Netskope Blog