Story image

Exclusive: How companies can stay secure in the cloud

Recently Security Brief had the opportunity to talk to Bitglass APJ VP of sales David Shepherd about cloud security. 

What are the threats companies moving to the cloud or adoption cloud services are least prepared for?

I think most people now accept that moving to the cloud is no less secure than the traditional way of doing things; in fact, in many cases, the cloud offers more security than most enterprises could hope to achieve in-house. This being said, some threats in the cloud are different to those historically faced in on-premises-only environments. 

For example, organisations moving to the cloud must defend against malware that can quickly infect a business by spreading through personal and corporate devices as well as the cloud apps that they access. Additionally, enterprises must understand the shared responsibility model of security and adopt new tools for addressing unauthorised external sharing, advanced cloud phishing attacks, and more. 

How have CASBs had to evolve as threats to companies in the APJ region change?

It seems that threats in APJ have evolved virtually identically to those around the world. Regardless, CASBs have had to adapt to address these threats and help customers understand and manage cloud data risk. Initially, most CASB offerings were designed solely to provide visibility into SaaS app usage in the enterprise. 

However, they have rapidly evolved into flexible tools that can be used for a massive variety of use cases; for example, securing the mobile workforce, new apps, BYOD, and IaaS platforms, as well as responding to misconfigurations in cloud platforms, inappropriate sharing, data leakage, malicious insiders, and zero-day malware. 

What are the biggest barriers preventing companies from implementing a CASB to secure the cloud?

Solving today's problems requires fresh thinking. Perhaps the biggest barrier we need to challenge is the belief  that traditional tools like firewalls are able to offer comprehensive data security in a cloud-first world. 

This belief may be due to an overestimation of how well on-premises security tools can extend to the cloud, a fixation on the sunk costs associated with existing IT infrastructure investments, or some level of misunderstanding around cloud threats. Whether you believe you’re using the cloud or not, your users have probably already moved your data into this new landscape. 

What are the biggest opportunities using a CASB brings a company as opposed to implementing their own cloud security protocols?

We’re seeing a continued shift toward the consumerisation of IT. People no longer want to build and maintain their own networks, infrastructure, or applications – it’s inefficient and not the best use of their budget or IT resources. As such, many companies prefer to consume IT-as-a-service and commit more focus to running their businesses. 

By leveraging a third-party CASB, organisations are able to benefit from a specialised solution that secures data right out of the box with prebuilt policies and proven efficacy. Additionally, cloud access security brokers serve as a single pane of glass for ensuring consistent security across all of an enterprises’ cloud applications, eliminating the need to manage dozens (or hundreds) of applications' disjointed, native security features.

What distinguishes an effective CASB solution?

The most effective CASB solutions are commonly known as multimode or hybrid CASBs. These integrate with application programming interfaces (APIs) to secure data at rest, and proxy traffic in order to protect data in transit between apps and devices. Uniquely, the Bitglass Next-Gen CASB uses an agentless reverse proxy architecture. 

This means that we are up and running and fully deployed in hours rather than months. Companies start to receive value immediately, which is almost unheard of when deploying enterprise security tools. To cope with the dynamic cloud landscape, we are leveraging machine learning to automate protections and ensure that we deliver proactive, real-time security for any app, any device, anywhere.

IP theft: A global issue catching NZ businesses off guard
“We have this incredible record of innovation in New Zealand. But our innovative businesses haven’t always been meticulous in shoring up their IP."
Why A/NZ organisations need to improve compliance protocols
Only a mere 4% of IT decision makers and data managers surveyed said their organisation faced no data management challenges. 
What the people say - Gartner’s November Customers’ Choices
A roundup of the latest Gartner Peer Insight Customers’ Choices from Backup and Recovery to Business Intelligence and Analytics, and more.
BlackBerry buys out cybersecurity AI firm Cylance
“We are eager to leverage BlackBerry’s mobility and security strengths to adapt our advanced AI technology to deliver a single platform.”
Data protection is key to building customer trust
"New data compliance rules offer an opportunity for businesses to re-evaluate their processes and improve data management and customer loyalty."
NZ Internet Task Force joins iSANZ Hall of Fame
NZITF chair Barry Brailey and former chairs Mike Seddon and Paul McKitrick received the award in Auckland last week.
Quantum computing: The double-edged sword for cybersecurity
Quantum computing is quickly moving from science fiction to reality.
Three ways to achieve data security whilst enabling BYOD
"A mobility strategy is now more important than ever before, that said, selecting the right one is often no small task."