As public cloud adoption continues its meteoric rise, enterprises are looking to ensure the security of their business-critical data on third-party systems. According to Gartner, the public cloud market is expected to pass the $300 billion mark in 2018 and reach $400 billion by 2020. The rise of cloud computing and bring-your-own device (BYOD) has steadily eroded the perimeter to the point that business-critical information—the most valuable corporate asset in today’s digital economy—now lives in many places outside of the corporate network and managed devices:
- 18.1% of files enterprises upload to cloud-based file sharing and collaboration services contain sensitive data.
- 43.1% of files in cloud file sharing services are shared. Of these, 17.7% are accessible to the whole company, 6.2% to personal email accounts, and 5.5% for anyone with a link.
- 9.3% of files shared externally (i.e. with business partners, personal email accounts, open links) contain sensitive content.2 •
- 21% of sensitive files that are shared externally are accessed within 5 minutes of the sharing action, making response time critical to preventing data breaches.
With cloud security being a shared responsibility in which customers are accountable for their users, data, and applications, organizations not only need to enforce appropriate security controls for different cloud services, they also require a central control point to enforce the same set of security policies across their SaaS, PaaS, and IaaS deployments. In fact, Gartner predicts that, through 2020, 95% of cloud security failures will be the customer’s fault. This has caused enterprises to look for ways to enforce additional security controls on their cloud solutions beyond what a cloud service provider offers natively.
Today, we’re pleased to announce the launch of McAfee CASB Connect, industry’s first self-serve program that enables any cloud service provider or partner to rapidly build lightweight API connectors to McAfee Skyhigh Security Cloud to secure any cloud service, without writing a single line of code. With this program enterprises can leverage McAfee Skyhigh Security Cloud to confidently adopt any cloud service from the McAfee CASB Connect Catalog and enforce the same set of security policies for all their cloud applications to accelerate their business.
“One of the core tenets of our vision is to make cloud the most secure environment for businesses, The McAfee CASB Connect Program framework enables every cloud service in the catalog to easily conform to the security needs of enterprises, thus minimizing the security barriers that hinder cloud adoption and allowing enterprises to confidently adopt cloud services to accelerate their business.”
Rajiv Gupta, senior vice president of the Cloud Security Business Unit, McAfee
McAfee is committed to cloud security innovation
The common challenge that organizations face is bringing out-of-the-box comprehensive CASB support for large number of enterprise cloud services beyond the standard ones like Office 365, Box, Salesforce, AWS, etc. To address this challenge and continue its leadership in cloud security innovation McAfee is reinforcing its commitment to an open eco-system approach with the self-serve CASB Connect framework, enabling any third party to quickly build API connectors to McAfee Skyhigh Security Cloud in order to extend McAfee’s deep and proven cloud security capability to any cloud service via API integrations.
“At Honeywell we want our employees to do the best work they can using the cloud tools available to them. We don’t want to be the department that simply says no to our users. McAfee’s new program is critical to our strategy of enabling our employees to benefit from the use of mission-critical cloud services while protecting our corporate data and users in the cloud.”
Shaun Marion, vice president and chief security officer, Honeywell
The McAfee CASB Connect program delivers several core CASB capabilities to customers using SaaS, PaaS or IaaS. By providing a broad coverage of security features, the program ensures that security isn’t a barrier to enterprise cloud adoption. By delivering a self-serve solution integrated out-of-the-box, the McAfee CASB Connect program minimizes time spent managing multiple security consoles and accelerates secure cloud adoption. McAfee addresses several cloud security use cases, including:
1. Prevent unauthorized sensitive data from being stored in cloud collaboration, file-sharing, or storage services.
McAfee’s content analytics engine discovers sensitive data created, stored in, or uploaded to cloud services based on keywords and phrases, regular expressions, file metadata, structured/unstructured data fingerprints, keyword dictionaries, etc. Security administrators are provided with multiple automated remediation options including notifying the end user, notifying an administrator, and quarantining or deleting the file.
2. Capture a complete audit trail of all user activity for post-incident forensic investigations
McAfee Skyhigh Security Cloud integrates with cloud services to provide complete and granular visibility into how a cloud service is being used by users and administrators. With McAfee organizations can identify:
- Who is accessing a cloud service, their role, device type, geographic location, and IP address
- How much data is being shared, accessed, created or updated, uploaded, downloaded, or deleted
- Successful/failed login attempts
- User account creation/deletion as well as updates to accounts by administrators Drill down further into activity
McAfee supports and dramatically accelerates post-incident investigation while decreasing incident response time.
3. Detect compromised accounts, insider threats, and privileged access misuse, and malware infections across all cloud services
McAfee combines machine learning and user and entity behavior analytics (UEBA) to build a self-learning behavior model that can detect anomalous activity patterns in a cloud service—or across cloud services—indicative of a insider threat or compromised account, including excessive failed login attempts, brute-force attacks, login attempts from untrusted or disparate locations, etc.
McAfee protects organizations against malicious or negligent insider threats such as unwarranted escalation of permissions by a privileged user. McAfee incorporates security analyst input into machine learning models to improve accuracy. As analysts mark false positives and adjust detection sensitivity, McAfee tunes detection models. McAfee further minimizes false positives by correlating user activity within a cloud service with activities across all other cloud services to correctly identify actual threats.
Hear what participating cloud service providers have to say about the CASB Connect Program
As a leader in cloud content management, Box provides organizations with a single platform to collaborate on and manage their most critical information, while ensuring best-in-class security and compliance. Our partnership with McAfee means that even the most highly regulated businesses can meet the strictest of data governance requirements without getting in the way of collaboration and business processes happening across their organizations.
Niall Wall, senior vice president, Business Development and Platform Sales, Box
Centrify is excited to join McAfee’s CASB Connect Open API program. When integrated with McAfee’s cloud security offering, Centrify’s Identity Platform provides a more powerful Zero Trust Security solution that meets standards across multiple industries and keeps company data safe.
Steve Cacciaroni, director, Business Development, Centrify
As a leading collaboration platform, we understand that security is a critical consideration for businesses when selecting a cloud service provider. Our partnerships with best-in-class security companies like McAfee are key to making Dropbox the ideal solution for businesses and industries of all types and sizes.
Billy Blau, global head of Business Development and Partnerships, Dropbox
As we continue building our ecosystem, we look for trusted partners that provide tangible value for our customers. By partnering with McAfee, we are creating an added layer of protection to Egnyte Connect that will help keep our customers and their content safe.
Ronen Vengosh, vice president, Platform and Ecosystem, Egnyte
With cloud and mobile adoption increasingly moving data outside of the traditional perimeter, organizations need new strategies to mitigate modern threats and protect their sensitive information. By leveraging Okta and the McAfee Skyhigh Security Cloud together, our joint customers are able to secure users, devices and data across the cloud adoption lifecycle – acting as a centralized control point across an organization’s cloud services.
Patrick McCue, senior vice president, Worldwide Partners, Okta
The partnership between McAfee’s Cloud Security Solution and OneLogin’s Unified Access Management platform provides enterprises with integrated access control and risk mitigation across their application portfolio. We’re excited to join McAfee CASB Connect and enable customers across industries to improve security of data and users in cloud services.
Tim Gunderson, vice president, Business Development, OneLogin
As a leading cloud-based platform for work execution, at Smartsheet we’re focused on meeting the strict security requirements of large enterprise organizations. That’s why we are thrilled to partner with Skyhigh. Our customers can deploy solutions quickly and confidently, knowing their data is protected anywhere it goes.