Cloud security specialist Elastica helps CIOs tame shadow IT
The past several weeks have seen no less than three startups emerge from stealth mode to tackle the unauthorized use of public cloud services in the enterprise—a growing phenomenon that is driven, in part, by increasing end-user frustration with internal offerings. The newest contender that has emerged from stealth mode is Elastica, which launched last week with $6.3 million in Series A funding from Mayfield Fund, a global venture capital firm in Menlo Park, Calif. Elastica told siliconANGLE that it plans to use this funding “for core development of the product as well as initial go-to-market efforts.”
This trend of employees using public cloud services without permission is growing due to the ease with which they can attain these services. “Subscription-based cloud services offer an attractive alternative for enterprise employees to streamline their work activities, collaborate easily with colleagues and be more productive,” Rehan Jalil, CEO and President of Elastica, told siliconANGLE. “Cloud services are often easy to adopt. With free trials, inexpensive subscriptions and easy-to-cancel policies, barrier to adoption of cloud services by employees is low. Hence, ad hoc adoption of cloud services at all levels in the enterprise is on a very steep rise.”
Of course, this ad hoc adoption of cloud services poses great risks to the enterprise. One of the greatest risks is that these corporate assets—important documents, critical intellectual property, etc.—no longer have the same level of scrutiny that they had when they were on-premise or in private data centers, according to Jalil. “While having a valid user name and password is a good start, there is no guarantee that these credentials were not compromised,” he explained. “One obvious concern is data leakage, where malicious insiders or compromised credentials can lead to unauthorized access to data outside the company.”
A second real concern, Jalil said, is malware that may be designed to attack your assets in the cloud. “Such malware can highjack legitimate user sessions to gain access to sensitive data,” he said.
Elastica’s new CloudSOC solution
Prior to establishing Elastica in 2012, Jalil, a veteran entrepreneur, served as a venture advisor to Mayfield and led mobile packet core vendor WiChorus (acquired by Tellabs). Elastica‘s team members have deep expertise in data science and visualization, and the company boasts a board that includes Cloudera CEO Tom Reilly, MapR CTO and cofounder M.C. Srivas and UC Berkeley computer science professor Ion Stoica.
The firm has applied its world-class know-how to create its new hosted CloudSOC (Cloud Security Operations Center) solution, a centralized hub for monitoring network activity and enforcing security policies—the two main pain points facing CIOs struggling to tame shadow IT.
In addition to monitoring network activity and enforcing security policies, another major pain point that exists for CIOs when it comes to shadow IT is, according to Jalil, the forensics capabilities that are needed for post-incident analysis. “[This is] the ability to dive into historical transactions with cloud activity and find out exactly what happened with a particular user or document on a particular date,” he said. “Having tools that can provide detailed queries and analysis of all cloud transactions is very valuable for CIOs and security analysts.”
Elastica‘s CloudSOC solution helps CIOs to solve these pain points in a number of ways. “In addition to being able to audit cloud usage, detect threats in real time, and protect data by enforcing policies and controls,” Jalil explained, “CloudSOC also allows enterprise users to launch targeted investigations against a wealth of information, including historical transactions from their cloud activity. These queries are processed instantly with an intuitive user interface, allowing users to quickly get the information they need.”
Elastica’s hosted platform utilizes StreamIQ, a homegrown machine learning technology, to scan inbound and outbound Web traffic for suspicious patterns. When a suspicious pattern is found, CloudSOC will assign a ThreatScore to that activity. “The ThreatScore indicates the severity of the threat,” Jalil explained. “It can lead to alerts or, if severity is high, [policies can be set to] block all the traffic and terminate the user’s session.”
The platform also provides real-time visibility into what employees are doing with company information—activities which may violate company policy. The most common problem that it helps uncover is instances when “an employee may intentionally or accidentally share corporate documents with a personal email address, as an example,” Jalil said.
The system also aggregates data from services, mobile devices and firewalls to identify security gaps resulting from employees’ aforementioned ad hoc adoption of cloud applications. Customers that require more functionality can extend CloudSOC with four Elastica apps called Audit, Detect, Protect and Investigate; the apps run on top of the platform and layer value-added features such as auditing and reporting directly over StreamIQ.
Within the Audit app is a collection of prepared security scores for “thousands of cloud services,” which is similar to what Netskope offers with its built-in app database. The Detect app assigns real-time threat scores that can be used to create automated security controls, while the Protect app makes it easier for admins to define global policies.
“Users can adopt one or more of these applications for their use, depending on the functionality they desire,” Jalil said. “These applications are part of the CloudSOC platform. Some users may choose to only deploy the Audit function, in which case they purchase CloudSOC with Audit. If they later want to add Detect and Protect, they can simply add these applications to their platform from our store.”
Maria Deutscher contributed to this story.
Since you’re here …
Show your support for our mission with our one-click subscription to our YouTube channel (below). The more subscribers we have, the more YouTube will suggest relevant enterprise and emerging technology content to you. Thanks!
Support our mission: >>>>>> SUBSCRIBE NOW >>>>>> to our YouTube channel.
… We’d also like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.