By Sonia McPherson on Jun 22, 2018 3:40:05 PM
OBJECTIVES OF THE CRA
The objective of the CRA is to provide the end user with a basic “snapshot” in time that helps them to:
- Identify and build awareness around cloud usage
- Assess risk based on apps, users, usage, and data movement
- Understand potential data exposure
- Lay out step by step risk mitigation roadmap
Organisations are adopting cloud and SaaS at a rapid pace. Whether you allow or block these apps, chances are your users have found a way to access them. Performing a Netskope Cloud Risk Assessment with EveryCloud Ltd will help you understand which are in use in your organisation.
WHAT IS A CLOUD RISK ASSESSMENT (CRA)?
EveryCloud Ltd and Netskope have partnered to provide an Assessment that will provide you an overview of the apps, how enterprise-ready they are, how risky they are for your organization, and recommendations for mitigating that risk. It can provide answers to the hard questions your organisation’s leadership is asking, as well serve as a starting point for your cloud strategy.
HOW TO TAKE ADVANTAGE OF THE ASSESSMENT
To take advantage of the Assessment, all you need to do is upload your web proxy or firewall logs to a secure, dedicated SOC-1 and SOC-2 Type II-certified Netskope tenant instance. You may also choose to have Netskope perform the Assessment using alternative deployments, including Introspection, secure TAP, or in-line, whichwill give you additional visibility into DLP violations and granular activity details. Netskope Introspection inspects content that is already resident in a sanctioned cloud app (including cloud storage), irrespective of when it was uploaded or where it was created. Introspection inventories and classifies content, content owners and users, provides sharing status (private, shared, or public), and enables you to download files for review.
Once the analysis is complete, EVveryCloud will present the Assessment to you and your team. If you choose to pursue the Advanced Assessment, you will have access to tenant instance for one month to perform additional analysis.
WHAT IS INCLUDED IN THE ASSESSMENT?
Outlined below is what you can expect from the Assessment by EveryCloud Ltd
WHAT’S INCLUDED | DESCRIPTION |
Secure, dedicated Netskope instance | Secure, dedicated tenant, access for 1 month |
Discovered apps by category | Summarised for all categories + drill down in tenant |
Enterprise-readiness score and risk rating of discovered aps | Summarised for all apps + drill down in tenant |
App risk analysis | App risk breakdown overall and in key categories |
Data movement analysis | Detailed summary of data movement, including by users |
Sanctioned app analysis | Usage analysis + enterprise-readiness gaps |
Usage and activity analysis 1 | Risky activities (e.g. sharing, downloading, etc) in key apps |
Business concerns analysis | Usage identified against top business concerns |
Risk analysis mapped to your organisations business concerns | Summary + analysis + drill down in tenant |
Sensitive data exposure analysis (DLP violations in content at rest) 2 | Violations by type vs total files canned + exposure breakdowns |
Sensitive data violation analysis (DLP violations in content en-route) 3 | Violations discovered en-route to and from discovered cloud apps |
Recommendations | Recommendations mapped to business concerns + phased risk mitigation roadmap |
We are your bridge to the world’s leading cloud access and security solutions: recommending and deploying the right providers, then monitoring and reporting on all services to ensure you benefit from protection that is consistently strong and that evolves in line with new risks and emerging threats. We bring you the best protection at all times, with customised EveryCloud services to meet your precise requirements.
START YOUR ASSESSMENT TODAY
Contact your EveryCloud Ltd representative today for a quote and more information or register at:
https://www.everycloud.co.uk/contact/ email: discover@everycloud.co.uk
1 Available if Assessment performed in-line or in secure TAP deployment mode
2 Must perform content discovery against DLP profile(s) as part of Introspection
3 Available if Assessment performed in-line or in secure TAP deployment mode with DLP profiles enabled