Stay a Step Ahead in SaaS Security

Video Activity
Start your free 3-day trial and become one of the 3 million Cybersecurity professionals advancing their career goals
Sign up with
OR

Already have an account? Sign In »

Time
13 hours 21 minutes
Difficulty
Intermediate
CEU/CPE
14
Video Transcription
00:05
Hi. My name is on it. Sawani, and we're gonna talk about how to secure SAS applications. Let's start looking at what the problem looks like right now. Right? So you have users
00:13
that are in all these different locations there. The headquarters there in the bronze location, there, traveling all over the world. Ah, they could be sitting in a coffee shop or they could be using the personal devices.
00:25
They're accessing SAS applications that are in the cloud. And these are these could be office 3 65
00:32
These could be salesforce
00:35
are they could also be personal applications like dropbox.
00:40
Now,
00:41
your data from your headquarters and all these different locations is now being stored within the SAS applications. Now, how do we actually secure this?
00:50
There's a very popular term known as Casby, a cloud access security broker
00:55
that provides a few functions.
00:58
You want to be able to discover
01:00
all the APS that your users are using, as well as the data that's stored over there.
01:04
You also want to be able to provide data protection.
01:10
This is to ensure that there's no data leaks happening that are very critical to your business.
01:15
Third, you want to be able to protect from threats
01:19
like malware that may be stored in SAS applications and that may get distributed to other users within your company.
01:26
And then finally, you want to be able to protect the user
01:30
from things like credential theft. Right? So these four function that typically classified as Casby, a cloud access security broker.
01:41
Now, how does Paolo Alto Network's implemented? And the right way to do this is actually to have a fully cloud delivered platform
01:49
that contains two things. It contains a connective ity layer
01:56
that essentially make sure that no matter rare user is you connecting up to the same area,
02:01
which
02:02
then provides a bunch of different security functions that allow you to do these four things that I mentioned earlier.
02:10
So
02:12
your users are connecting over here.
02:15
You have all these different security services as the access T SAS applications. Now,
02:22
the SAS applications, as I mentioned earlier, could be personal. It could be enterprised. Now, how do you actually classify these assets? Your first step,
02:29
as I mentioned earlier here, is to discover the different types of APS here. And so you want to actually stock to categorize these APS, as
02:37
sanctioned,
02:42
tolerated
02:45
an unsanctioned. What is? What do each one of these means?
02:49
So
02:51
sanction Naps are the ones that you purchases. I t team. Right? So you've actually paid for these APS And these are office with 35 sales. For some things like that,
02:59
unsanctioned are the ones you want to completely block out. You want to make sure that no one's accessing the zaps. These could be high risk applications. And tolerated are the ones that you want to make sure that you may be working with a marketing firm or a law firm that actually uses APS. That may not be standard.
03:14
So you want to allow a little bit of access, maybe an upload function, but block out or download function?
03:19
All this can be done with the central cloud delivered Casby platform that we spoke about all year.
03:25
Finally, I do also want to call out
03:29
for sanctioned applications, specifically
03:32
your crown jewels. Your data is all stored here that are critical to your business
03:38
and using an A P I Lear
03:40
connected to the same cloud delivered Casby platform,
03:44
we want to be able to provide additional capabilities like data protection like Milorad detection, as well as looking at anomalous behavior of users
03:53
within these enterprise app that you may be using here. So the combination off in line,
04:00
plus a P I based
04:01
security services, is how we deliver SAS security
04:06
within Pal all the networks we have Global Protect cloud service for in line security and aperture for a P I based security to help, too Curious *** applications. To learn more about both these products, go to Palo Alto networks dot com. Thanks for watching.
Up Next