Security Management for The Enterprise

Report
Pravin Kothari
Founder & CEO
CipherCloud
(former VPE & co-founder ArcSight)
Cloud’s Explosive Growth in SMB
Entering Enterprises and Governments
3
Security Breaches Escalating
Highly Advanced & Persistent Cyber Threats
4
Cloud Computing in Enterprise/Government
Tug of War Between End Users & Security
Business Execs Desire
More Cloud Services
Security/Compliance Execs
Have Cloud Concerns
Agility & Flexibility
Lack of Control & Visibility
Reduce cost
Data Privacy
Minimal Administration
Data Residency
Best-of-breed apps
Regulatory Compliance
5
Revolutionary CipherCloud Encryption Gateway
Encrypt Sensitive Data in Real-time Before it’s Sent to the Cloud

Encryption Preserves App’s
Format & Operations

Keys retained by Customer

No impact on usability
6
Configuration
for each
Application
Record
as seen by
“authorized users”
Record
as seen by
“Unauthorized Users”
Encrypt Data at the Source Before it Leaves Your Network
TOP CLOUD THREATS
Malicious Insiders at Cloud Provider
Account, Service & Traffic Hijacking
Insecure Application Programming Interfaces
Shared Technology Vulnerabilities
Data Loss, Leakage, Remanence
Unknown Risk Profile
Customer’s encryption at the source can satisfy controls that are left for
customers in Provider’s FISMA / ISO-27001 certification.
8
Sample Customer Use Cases
Organization
F100 Investment Bank
Pain-points Addressed
Confidentiality of highly sensitive M&A discussions
from Malicious Insiders Threat at SaaS provider
Public Healthcare Agency
FISMA & HIPAA required encryption of patient information going
to a cloud for physicians collaboration
Hi-Tech Defense
Contractor
ITAR required defense clients’ information restricted to citizens,
which was not guaranteed by their cloud provider
New Democratic Party of
Canada
Required to retain 24M Canadian voters identities within the
country while using SaaS in the US to run their campaigns
Personal care product
Manufacturer, Germany
Their resellers required residency of uploaded customer data
within the country
9
Open & Extensible Platform for Ecosystem
Rapid Development of 3rd-Party Cloud/App Plug-ins
Private
Cloud
Ownership
CipherCloud
Gateway
Out-of-the-box
Cloud
Integration
Open
Plug-in
Framework
10
Customer Benefits
 Protect against emerging cloud threats
 Eliminate data privacy and security concerns
 Satisfy compliance and data-residency requirements
 Avoid risk of privacy breaches (e.g. Sony, Epsilon, RSA)
 Data Breach cost estimated at $214 per customer record*
 Accelerate cloud adoption
*The Ponemon Institute
 Significant cost savings migrating on-premise apps to cloud
“Without CipherCloud, we won’t be able to use cloud.”
Customer interview in SearchCloudSecurity.com
11
Key Partners
Strategic Cloud Partners
ISV OEM/VARs
Distributors
Global SIs
12
Proven Team
Seasoned
Executives
Expert
Advisory
Board
Pravin Kothari, CISSP, CISA
Varun Badhwar, CISSP, CISA
Founder & CEO
Co-founder ArcSight (SIEM,$1.6B exit)
VP Product Marketing & Alliances
Global ISV Security Salesforce.com
Founder, Agiliance (Security-GRC)
Risk Advisory KPMG
Chakra Yadavalli, CISA
Michael Kochanik
VP Engineering, Chief Architect
VP Worldwide Sales
Dir Engineering, Agiliance (Security-GRC)
Chief Architect, Phulaxis (ERP SoD)
VP Sales & GM CollabNet
Geodesic Systems; IKOS Systems
KPMG Partner- Shahed Latif
AIG Global CISO– Paul de Graaff
Prudential ex-CISO- Ken Tymisnki
Marriott ex-VP,Info Protection, Chris Zoladz
Fifth Third Bank ex-CISO Bob West
Kaiser Director Risk –Ramy Houssaini
Qualys Founder – Gilles Samoun
Sun-Microsoft - Dev Ghoshal
Top Tier
Investors
Strategic Investment
13
Honors and Awards in 2011
 Gartner Cool Vendor in Cloud Security Services 2011
 Most Innovative Company Finalist, RSA Conference 2011
 Best in Security , Under The Radar 2011 Judge & Audience Choice Winner
 Best in Software & Cloud , TiEcon 2011 Innovation Expo Winner
 Best Security Startup, America West, Global Security Challenge (Oct 2011)
 5 Cloud Security Companies to Watch, Network World (Oct 2011)
14
Takeaways
 Your Data-At-Rest in the cloud is exposed to emerging cloud threats
 Most SaaS/cloud databases are in ‘plaintext’
 Encrypt the sensitive data at source before it leaves your network
 Protect your data against all external threats
 Encryption keys should be with customers, not shared with providers
 Innovative technologies, such as CipherCloud, make it possible
Please visit the demo area for a live demo
Free Trials available at CipherCloud.com
15

similar documents