Story image

Exclusive: How companies can stay secure in the cloud

Recently Security Brief had the opportunity to talk to Bitglass APJ VP of sales David Shepherd about cloud security. 

What are the threats companies moving to the cloud or adoption cloud services are least prepared for?

I think most people now accept that moving to the cloud is no less secure than the traditional way of doing things; in fact, in many cases, the cloud offers more security than most enterprises could hope to achieve in-house. This being said, some threats in the cloud are different to those historically faced in on-premises-only environments. 

For example, organisations moving to the cloud must defend against malware that can quickly infect a business by spreading through personal and corporate devices as well as the cloud apps that they access. Additionally, enterprises must understand the shared responsibility model of security and adopt new tools for addressing unauthorised external sharing, advanced cloud phishing attacks, and more. 

How have CASBs had to evolve as threats to companies in the APJ region change?

It seems that threats in APJ have evolved virtually identically to those around the world. Regardless, CASBs have had to adapt to address these threats and help customers understand and manage cloud data risk. Initially, most CASB offerings were designed solely to provide visibility into SaaS app usage in the enterprise. 

However, they have rapidly evolved into flexible tools that can be used for a massive variety of use cases; for example, securing the mobile workforce, new apps, BYOD, and IaaS platforms, as well as responding to misconfigurations in cloud platforms, inappropriate sharing, data leakage, malicious insiders, and zero-day malware. 

What are the biggest barriers preventing companies from implementing a CASB to secure the cloud?

Solving today's problems requires fresh thinking. Perhaps the biggest barrier we need to challenge is the belief  that traditional tools like firewalls are able to offer comprehensive data security in a cloud-first world. 

This belief may be due to an overestimation of how well on-premises security tools can extend to the cloud, a fixation on the sunk costs associated with existing IT infrastructure investments, or some level of misunderstanding around cloud threats. Whether you believe you’re using the cloud or not, your users have probably already moved your data into this new landscape. 

What are the biggest opportunities using a CASB brings a company as opposed to implementing their own cloud security protocols?

We’re seeing a continued shift toward the consumerisation of IT. People no longer want to build and maintain their own networks, infrastructure, or applications – it’s inefficient and not the best use of their budget or IT resources. As such, many companies prefer to consume IT-as-a-service and commit more focus to running their businesses. 

By leveraging a third-party CASB, organisations are able to benefit from a specialised solution that secures data right out of the box with prebuilt policies and proven efficacy. Additionally, cloud access security brokers serve as a single pane of glass for ensuring consistent security across all of an enterprises’ cloud applications, eliminating the need to manage dozens (or hundreds) of applications' disjointed, native security features.

What distinguishes an effective CASB solution?

The most effective CASB solutions are commonly known as multimode or hybrid CASBs. These integrate with application programming interfaces (APIs) to secure data at rest, and proxy traffic in order to protect data in transit between apps and devices. Uniquely, the Bitglass Next-Gen CASB uses an agentless reverse proxy architecture. 

This means that we are up and running and fully deployed in hours rather than months. Companies start to receive value immediately, which is almost unheard of when deploying enterprise security tools. To cope with the dynamic cloud landscape, we are leveraging machine learning to automate protections and ensure that we deliver proactive, real-time security for any app, any device, anywhere.

Cloud application attacks in Q1 up by 65% - Proofpoint
Proofpoint found that the education sector was the most targeted of both brute-force and sophisticated phishing attempts.
Singapore firm to launch borderless open data sharing platform
Singapore-based Ocean Protocol, a decentralised data exchange that promotes data sharing, has revealed details of what could be the kickstart to a global and borderless data economy.
Huawei picks up accolades for software-defined camera ecosystem
"The company's software defined capabilities enable it to future-proof its camera ecosystem and greatly lower the total cost of ownership (TCO), as its single camera system is applicable to a variety of application use cases."
Tech community rocked by deaths of Atta Elayyan and Syed Jahandad Ali
Both men were among the 50 killed in the shooting in Christchurch last Friday when a gunman opened fire at two mosques.
NZ ISPs block internet footage of Christchurch shootings
2degrees, Spark, Vodafone and Vocus are now blocking any website that shows footage of the mosque shootings.
Barracuda expands MSP security offerings with RMM acquisition
Managed Workplace delivers an RMM platform with security tools and services, such as site security assessments, Office 365 account management, and integrated third-party antivirus.
Flashpoint: APAC companies must factor geopolitics in cyber strategies
The diverse geopolitical and economic interests of the states in the region play a significant role in driving and shaping cyber threat activity against entities operating in APAC.
Expert offers password tips to aid a stress-free sleep
For many cybersecurity professionals, the worries of the day often crawl into night-time routines - LogMeIn says better password practices can help.