13 hours 21 minutes
Hi. My name is on it. Sawani, and we're gonna talk about how to secure SAS applications. Let's start looking at what the problem looks like right now. Right? So you have users
that are in all these different locations there. The headquarters there in the bronze location, there, traveling all over the world. Ah, they could be sitting in a coffee shop or they could be using the personal devices.
They're accessing SAS applications that are in the cloud. And these are these could be office 3 65
These could be salesforce
are they could also be personal applications like dropbox.
your data from your headquarters and all these different locations is now being stored within the SAS applications. Now, how do we actually secure this?
There's a very popular term known as Casby, a cloud access security broker
that provides a few functions.
You want to be able to discover
all the APS that your users are using, as well as the data that's stored over there.
You also want to be able to provide data protection.
This is to ensure that there's no data leaks happening that are very critical to your business.
Third, you want to be able to protect from threats
like malware that may be stored in SAS applications and that may get distributed to other users within your company.
And then finally, you want to be able to protect the user
from things like credential theft. Right? So these four function that typically classified as Casby, a cloud access security broker.
Now, how does Paolo Alto Network's implemented? And the right way to do this is actually to have a fully cloud delivered platform
that contains two things. It contains a connective ity layer
that essentially make sure that no matter rare user is you connecting up to the same area,
then provides a bunch of different security functions that allow you to do these four things that I mentioned earlier.
your users are connecting over here.
You have all these different security services as the access T SAS applications. Now,
the SAS applications, as I mentioned earlier, could be personal. It could be enterprised. Now, how do you actually classify these assets? Your first step,
as I mentioned earlier here, is to discover the different types of APS here. And so you want to actually stock to categorize these APS, as
an unsanctioned. What is? What do each one of these means?
sanction Naps are the ones that you purchases. I t team. Right? So you've actually paid for these APS And these are office with 35 sales. For some things like that,
unsanctioned are the ones you want to completely block out. You want to make sure that no one's accessing the zaps. These could be high risk applications. And tolerated are the ones that you want to make sure that you may be working with a marketing firm or a law firm that actually uses APS. That may not be standard.
So you want to allow a little bit of access, maybe an upload function, but block out or download function?
All this can be done with the central cloud delivered Casby platform that we spoke about all year.
Finally, I do also want to call out
for sanctioned applications, specifically
your crown jewels. Your data is all stored here that are critical to your business
and using an A P I Lear
connected to the same cloud delivered Casby platform,
we want to be able to provide additional capabilities like data protection like Milorad detection, as well as looking at anomalous behavior of users
within these enterprise app that you may be using here. So the combination off in line,
plus a P I based
security services, is how we deliver SAS security
within Pal all the networks we have Global Protect cloud service for in line security and aperture for a P I based security to help, too Curious *** applications. To learn more about both these products, go to Palo Alto networks dot com. Thanks for watching.