Cracking the Code on SaaS Security & Compliance

  • Thursday, 28 Apr 2016 1:00PM EDT (28 Apr 2016 17:00 UTC)
  • Speaker: Brandon Cook

SaaS vendors provide robust security. However, in the shared responsibility model, enterprises are responsible for access to and usage of their data. How do you protect corporate data in your core SaaS applications (e.g. Office 365, Salesforce, Box, Slack, ServiceNow)?

Join the SANS Institute and Skyhigh Networks for a discussion on today's most pressing SaaS challenges, from visibility and threat protection to compliance and data security.

We'll review hard data on the types of sensitive information accessed, shared, and sometimes stolen, from SaaS applications and answer questions that will guide cloud security strategies, including:

  • How do you herd users onto corporate-approved applications?
  • What do you do with regulated PHI, PII, and PCI data headed to the cloud?
  • What differentiates an insider threat or compromised account from abnormal usage?
  • How do you enforce different access policies for managed vs. unmanaged devices?
  • What are the telltale signs of a rogue administrator?