sb-nz logo
Story image

Developing a one-two punch for cloud security

17 Jul 2018
Sara Barker
Share:

As organisations adopt cloud-based tools to enhance their operations, many are realising that the security strategies they have in place are no longer providing effective protections. In the past, IT security was primarily aimed at protecting a physical location, such as an office, that had access to a data centre.

The thinking was that everything would be secure if there were firewalls installed at both locations and an encrypted network tunnel between the two. While this held true when applications and data were stored within a corporate data centre, things have changed.

Today, applications and data often rest in a number of different locations, including cloud platforms and services managed by other companies. This is a dramatic shift from the historical tactic of conducting business in an on-premises-only fashion. When data is regularly accessed from a myriad of devices outside the corporate firewall, strategies to maintain effective security have to evolve.

Rapid cloud adoption

Within most organisations, the adoption of cloud-based resources is accelerating – often without the knowledge of IT departments. While sanctioned cloud applications are likely to be in use, employees are just as likely to be using unsanctioned apps as a part of their daily routines. Unfortunately, many of these tools are not enterprise ready – they don’t provide IT with the visibility or data protection features that are needed to defend users and corporate IT infrastructure.

Because data is moving from the corporate network to a virtually infinite number of cloud applications that lack adequate security features, organisations must look to specialised security solutions that can protect data wherever it goes.

This is particularly true in light of compliance requirements that demand heightened security for protected data. Monitoring, administering, and controlling hundreds of cloud apps is impossible without the appropriate tools.

Achieving visibility and security

Organisations must understand how data is used by their staffs before they can prevent it from moving to unsafe destinations. In other words, they must achieve comprehensive visibility as well as data security.

Key tactics for obtaining visibility and control over data include:

  • Identity consolidation: Rather than having disjointed identity management for multiple applications, organisations should leverage the existing corporate user directory and extend access to cloud apps. This gives users single sign-on for all of a business’ applications and lets them access said apps from the devices of their choosing.
  • Central policy enforcement: An enterprise needs to adopt a tool that enforces security policies on everyone accessing data – regardless of the devices that they are using. For example, a business should be able to require multi-factor authentication or that a personal device automatically locks its screen after a certain period of inactivity.
  • Mobility Management: IT teams must also have suitable tools to secure data as it is accessed and stored by mobile devices. In addition to other security features, these solutions should provide the ability to wipe data remotely if the device is lost or an employee leaves the organisation.

The role of CASB and identity as a service (IDaaS)

A cloud access security broker (CASB) provides security when data and applications move to a cloud environment. It manages user devices, enables visibility, ensures data protection, and enforces access controls.

A CASB can bolster defences for data when it is at rest on a cloud platform, and ensure that it remains secure as it is being accessed by users. It allows sessions to be monitored and anomalous activities to be spotted and remediated in real time.

Another important element of any successful security strategy in a cloud environment is identity management. Over the past decade, most organisations have developed identity management systems internally. Today, they must simply extend their best practices and policies to the cloud. This can be achieved by adopting an identity as a service (IDaaS) solution.

IDaaS can be used to fill previously neglected cloud security gaps. For example, many employees use a single, unsecured password across multiple cloud services, increasing the damage that can be done in the event of credential compromise.

As multi-factor authentication has helped to address this problem within corporate IT infrastructure, the capability must also be used to cover cloud platforms via IDaaS. This will help to ensure data and applications are only accessed by the individuals who are authorised to do so.

Business benefits from cloud security

Leveraging CASB and IDaaS delivers three significant advantages to any organisation seeking to secure its use of cloud services.

  • Improved user productivity: Having single sign-on (SSO) allows users to access data and applications from any device or location quickly, easily, and securely. A single set of credentials is all that is needed to gain access to required resources via SSO.
  • Better compliance: Together, CASB and IDaaS achieve end-user productivity and corporate security, ensuring that the enterprise is better able to meet its compliance requirements. Automated security policies can be enforced in real time and activity can be monitored continuously.
  • Increased operational efficiency: An organisation that is confident in its ability to secure data in the cloud can deploy a host of applications. This enables users to seek the best tools for performing their work, which inevitably increases operational efficiency throughout the business. Additionally, this reduces IT-related costs like those incurred when investing in traditional, on-premises infrastructure.

With CASBs and IDaaS, organisations can be confident that they have adopted the key elements needed to ensure effective security in the cloud. Whether separate solutions are deployed together, or both components are found in a single, complete solution, leveraging CASBs and IDaaS gives organisations data security built for the future, allowing them to reap the benefits of the cloud for years to come.

Article by Bitglass vice president of Asia Pacific and Japan, David Shephard.

Related stories:
Why consumer privacy is crucial in a remote work era
How to stay ahead of the next cyber breach
Shields up: surprises are the new normal
Quantum extends Veeam partnership in a bid to protect against ransomware
Check Point launches security gateways to protect SMBs against threats
Bitglass kicks off new year with two senior APJ hires
Dig deeper:
Cloud security Cloud access security broker Bitglass Data protection
Story image
Stalkerware remains significant problem throughout COVID lockdowns
Stalkerware remains a significant problem with more 50,0000 users affected globally in 2020.More
Story image
Endace and Corelight step in to enhance incident response workflows
Endace and Corelight have entered into a strategic partnership to deliver security teams with insights and detailed forensic data to further enable rapid incident response.More
Story image
Millions of email attacks missed by organisations’ cyber security protection
"While organisations have invested in protection against email threats, many of these attacks slip through gateways, landing in users inboxes."More
Story image
Microsoft, Facebook and PayPal most impersonated brands during phishing attacks
Microsoft has maintained its position as the brand most often found in phishing emails, followed by Facebook and PayPal.More
Story image
Latest Tenable launch provides holistic approach to vulnerability management
Tenable.ep is reportedly the industry’s first, all-in-one, risk-based vulnerability management platform designed to scale as dynamic compute requirements change.More
Story image
Architecting a robust customer identity and access management solution
The customer experience can make or break any organisation -More
Story image
Stalkerware remains significant problem throughout COVID lockdowns
Stalkerware remains a significant problem with more 50,0000 users affected globally in 2020.More
Story image
Endace and Corelight step in to enhance incident response workflows
Endace and Corelight have entered into a strategic partnership to deliver security teams with insights and detailed forensic data to further enable rapid incident response.More
Story image
Millions of email attacks missed by organisations’ cyber security protection
"While organisations have invested in protection against email threats, many of these attacks slip through gateways, landing in users inboxes."More
Story image
Microsoft, Facebook and PayPal most impersonated brands during phishing attacks
Microsoft has maintained its position as the brand most often found in phishing emails, followed by Facebook and PayPal.More
Story image
Latest Tenable launch provides holistic approach to vulnerability management
Tenable.ep is reportedly the industry’s first, all-in-one, risk-based vulnerability management platform designed to scale as dynamic compute requirements change.More
Story image
Architecting a robust customer identity and access management solution
The customer experience can make or break any organisation -More
Story image
Microsoft adds new ways to bring AI to the edge with Azure Percept
"The goal of the Azure Percept platform is to simplify the process of developing, training and deploying edge AI solutions."More
Story image
Covid-19 sees rapid cloud adoption, rise in double-extortion ransomware
“We need to act now to stop this cyber pandemic spreading out of control."More
Story image
Vulnerability disclosures back to expected rates despite COVID disruption
The total number of vulnerabilities in 2020 is on track to exceed 2019.More
Story image
Palo Alto Networks adds more incentives to NextWave partner program
This latest launch brings a significant set of enhancements, incentives and training to the company’s NextWave Partner Program.More
Story image
ExtraHop reveals methods used by attackers in SUNBURST breach
The network detection and response company says between late March and early October 2020, detections of probable malicious activity increased by approximately 150%, including detections of lateral movement, privilege escalation and command and control beaconing.More
Story image
Trend Micro expands XDR capabilities through new platform
Trend Micro has rolled out new extended detection and response (XDR) capabilities through a new platform called Vision One.More
Story image
Veeam reports growth as demand for modern data protection increases
“Even with the unforeseen challenges and circumstances that began in early 2020, Veeam continued its rapid growth with its second consecutive year of bookings over $1 billion."More
Story image
Cyber-risk to critical infrastructure reaches all-time high — report
New research from Nozomi Networks Labs found that attackers are doubling down on high-value targets and weaponising the software supply chain.More
Story image
Essential tools for managing user identity and how they impact your bottom line
Customer identity and access management (CIAM) is how companies give their end-users access to their digital properties, as well as how they govern, collect, analyse, and securely store data for those users.More
Story image
WhiteHat: 50% of apps are vulnerable
"The state of application security remains very concerning."More
Story image
Y Soft adds to identity verification solution portfolio
Y Soft is adding to its portfolio of identity verification solutions with the release of a new secure identity verification for networked printers.More
Story image
Shields up: surprises are the new normal
Mimecast Connect: The what's what of cybersecurity in 2021.More
Story image
How to stay ahead of the next cyber breach
With so many people working from home, the corresponding surge in app usage, unmanaged devices, web traffic and accessing internal resources is making security a much trickier prospect.More
Story image
Increase in emergence of new cloud watering hole attacks
"Cloud native apps and services are more vital than ever before, and any risk in the infrastructure has critical implications."More
Story image
Cybercriminals take bold steps forward as confidence soars - CrowdStrike report
Criminals are especially interested in targeting the supply chain as it enables them to go after multiple targets from a single intrusion point.More
Story image
Kaseya acquires RocketCyber to bring SOC solutions to more businesses
"With this acquisition, we've doubled down on our security investments to provide our customers with access to experts who can continuously monitoring their IT environments without the cost and complexity of disparate tools.”More
Story image
Women in tech: Equality journey not over
The idea of gender equality represents more than just physical bodies through doors. It is also the notion of perceptions, feelings, stereotypes and opportunity.More
Story image
Organisations investing significant time modifying web application firewalls to keep ahead of cybersecurity threats
"The sheer amount of traffic and potential threats can ensnare resources and impact the ability to introduce greater precision to those key systems."More
Story image
Creating a strong culture of security within organisations
CISOs worldwide are inherently aware of how significant investment in cybersecurity strategies and technologies can bolster an organisation’s protection against cyberattacks. However, many overlook the importance of culture when it comes to cybersecurity.More
Story image
NZTech calls for Govt to fund cybersecurity education as risk ramps up
NZTech says it's time for the Government to put funding into educating Kiwis about how to avoid being a victim of cyber crime, just as it does for road safety.More
Story image
2021 global salary guide: Cybersecurity, data analytics professionals in high demand
"Technology has been one of the most successful sectors throughout 2020 and that looks set to continue for the foreseeable future.”More
2021's Most Wanted: Emotet continues reign as top malware threat 
The Emotet trojan continues to reign as top malware in January, despite international law enforcement taking control of its infrastructure.More
Sophos announces collaboration with Qualcomm for PC security
This unification enables a connected, interactive computing environment that combines smartphone and PC technology to deliver security capabilities and opportunities, the company states.More
Cybersecurity spending for critical infrastructure to surpass US$105 billion in 2021
The brunt of security spending is still first and foremost focused on IT networks, systems, and data security from a defensive perspective. More
Research reveals increase in critical, low complexity vulnerabilities
2020 saw a large spike in physical and adjacent vulnerabilities, likely due to the proliferation of IoT and smart devices in use and being tested by researchers.More
AppDynamics launches Cisco Secure Application to protect against vulnerabilities
AppDynamics, part of Cisco, has released Cisco Secure Application, a solution designed to simplify vulnerability management, defend against cyber attacks and protect applications.More
Secureworks launches XDR security solution & MSSP program
Taegis is designed to expand the company’s threat detection and response capabilities.More
Microsoft signs BNZ as one of first NZ data centre region customers
“We have a bold ambition to fully embrace digital technologies, and Azure, available in a New Zealand data centre, is going to be a key enabler.”More
Why consumer privacy is crucial in a remote work era
Organisations should monitor all file, app, user and web activity with comprehensive activity logs to uncover the whereabouts of consumers’ data.More
VPNs and zero trust security don't mix - Zscaler report
93% of organisations surveyed have deployed some kind of VPN, yet 94% know that VPNs are a popular target for cybercriminals.More
Countering the evolving threat of ransomware
Cyber-criminals will continue to change their methods to maximise the chance of success, writes Zscaler regional vice president and A/NZ country manager Steve Singer.More
Rapid shifts to the cloud may leave organisations at higher risk of cyber threats
While cloud migration isn’t simple, it can be enabled and improved using the right security tools.More
Ping Identity announces appointment of new VP of R&D
In his new role as head of research and development, Burke will be expected to drive product strategy and development across Ping Identity’s entire suite of solutions.More
Quantum extends Veeam partnership in a bid to protect against ransomware
“Quantum continues to expand its partnership with us and we are pleased to add ActiveScale object storage to a select group of S3 targets that can provide robust ransomware protection for our joint customers."More
CISOs, don't underestimate the importance of soft skills
There is increasing importance on Chief Information Security Officers (CISOs) having and developing the skill of emotional intelligence, a new report states.More
Cybersecurity risk has never been greater," declares FortiGuard Labs
Adversaries are highly adaptable as they conduct sophisticated attacks, particularly against remote workers, digital supply chains, and core networks.More
Cyber-pandemic: The most notable cyber attacks of 2020
2020 and the COVID-19 pandemic saw employees move to remote working, keeping IT professionals on high alert for cyberattacks. More
WatchGuard rolls out updates to bring greater security to MSPs
"WatchGuard Cloud’s continued evolution is lowering the barrier to entry for MSPs to add security to their portfolios and solidifying it as the management platform of choice for the security channel.”More
Kaspersky ranked number one in channel partner satisfaction
“Being recognised for the second consecutive year as the number one cybersecurity vendor for channel satisfaction, reflects the investment we have made in the Kaspersky United partner program over the past two years."More
More stories