SecurityBrief New Zealand logo
New Zealand's leading source of cybersecurity and threat news
Story image
What the people say - Gartner’s November Customers’ Choices
Story image
BlackBerry buys out cybersecurity AI firm Cylance
Story image
Data protection is key to building customer trust
Story image

Developing a one-two punch for cloud security

17 Jul 18
Sara Barker

As organisations adopt cloud-based tools to enhance their operations, many are realising that the security strategies they have in place are no longer providing effective protections. In the past, IT security was primarily aimed at protecting a physical location, such as an office, that had access to a data centre.

The thinking was that everything would be secure if there were firewalls installed at both locations and an encrypted network tunnel between the two. While this held true when applications and data were stored within a corporate data centre, things have changed.

Today, applications and data often rest in a number of different locations, including cloud platforms and services managed by other companies. This is a dramatic shift from the historical tactic of conducting business in an on-premises-only fashion. When data is regularly accessed from a myriad of devices outside the corporate firewall, strategies to maintain effective security have to evolve.

Rapid cloud adoption

Within most organisations, the adoption of cloud-based resources is accelerating – often without the knowledge of IT departments. While sanctioned cloud applications are likely to be in use, employees are just as likely to be using unsanctioned apps as a part of their daily routines. Unfortunately, many of these tools are not enterprise ready – they don’t provide IT with the visibility or data protection features that are needed to defend users and corporate IT infrastructure.

Because data is moving from the corporate network to a virtually infinite number of cloud applications that lack adequate security features, organisations must look to specialised security solutions that can protect data wherever it goes.

This is particularly true in light of compliance requirements that demand heightened security for protected data. Monitoring, administering, and controlling hundreds of cloud apps is impossible without the appropriate tools.

Achieving visibility and security

Organisations must understand how data is used by their staffs before they can prevent it from moving to unsafe destinations. In other words, they must achieve comprehensive visibility as well as data security.

Key tactics for obtaining visibility and control over data include:

  • Identity consolidation: Rather than having disjointed identity management for multiple applications, organisations should leverage the existing corporate user directory and extend access to cloud apps. This gives users single sign-on for all of a business’ applications and lets them access said apps from the devices of their choosing.
  • Central policy enforcement: An enterprise needs to adopt a tool that enforces security policies on everyone accessing data – regardless of the devices that they are using. For example, a business should be able to require multi-factor authentication or that a personal device automatically locks its screen after a certain period of inactivity.
  • Mobility Management: IT teams must also have suitable tools to secure data as it is accessed and stored by mobile devices. In addition to other security features, these solutions should provide the ability to wipe data remotely if the device is lost or an employee leaves the organisation.

The role of CASB and identity as a service (IDaaS)

A cloud access security broker (CASB) provides security when data and applications move to a cloud environment. It manages user devices, enables visibility, ensures data protection, and enforces access controls.

A CASB can bolster defences for data when it is at rest on a cloud platform, and ensure that it remains secure as it is being accessed by users. It allows sessions to be monitored and anomalous activities to be spotted and remediated in real time.

Another important element of any successful security strategy in a cloud environment is identity management. Over the past decade, most organisations have developed identity management systems internally. Today, they must simply extend their best practices and policies to the cloud. This can be achieved by adopting an identity as a service (IDaaS) solution.

IDaaS can be used to fill previously neglected cloud security gaps. For example, many employees use a single, unsecured password across multiple cloud services, increasing the damage that can be done in the event of credential compromise.

As multi-factor authentication has helped to address this problem within corporate IT infrastructure, the capability must also be used to cover cloud platforms via IDaaS. This will help to ensure data and applications are only accessed by the individuals who are authorised to do so.

Business benefits from cloud security

Leveraging CASB and IDaaS delivers three significant advantages to any organisation seeking to secure its use of cloud services.

  • Improved user productivity: Having single sign-on (SSO) allows users to access data and applications from any device or location quickly, easily, and securely. A single set of credentials is all that is needed to gain access to required resources via SSO.
  • Better compliance: Together, CASB and IDaaS achieve end-user productivity and corporate security, ensuring that the enterprise is better able to meet its compliance requirements. Automated security policies can be enforced in real time and activity can be monitored continuously.
  • Increased operational efficiency: An organisation that is confident in its ability to secure data in the cloud can deploy a host of applications. This enables users to seek the best tools for performing their work, which inevitably increases operational efficiency throughout the business. Additionally, this reduces IT-related costs like those incurred when investing in traditional, on-premises infrastructure.

With CASBs and IDaaS, organisations can be confident that they have adopted the key elements needed to ensure effective security in the cloud. Whether separate solutions are deployed together, or both components are found in a single, complete solution, leveraging CASBs and IDaaS gives organisations data security built for the future, allowing them to reap the benefits of the cloud for years to come.

Article by Bitglass vice president of Asia Pacific and Japan, David Shephard.

More:
Share on: LinkedIn Twitter Facebook
Story image
What the people say - Gartner’s November Customers’ Choices
Story image
BlackBerry buys out cybersecurity AI firm Cylance
Story image
Data protection is key to building customer trust
NZ Internet Task Force joins iSANZ Hall of Fame
NZITF chair Barry Brailey and former chairs Mike Seddon and Paul McKitrick received the award in Auckland last week.
Quantum computing: The double-edged sword for cybersecurity
Quantum computing is quickly moving from science fiction to reality.
Three ways to achieve data security whilst enabling BYOD
"A mobility strategy is now more important than ever before, that said, selecting the right one is often no small task."
How IoT and hybrid cloud will change in 2019
"Traditional VPN software solutions are obsolete for the new IT reality of hybrid and multi-cloud."
WatchGuard’s eight (terrifying) 2019 security predictions
The next evolution of ransomware, escalating nation-state attacks, biometric hacking, Wi-Fi protocol security, and Die Hard fiction becomes reality.
GCSB's CORTEX project scoops iSANZ Award
“I believe this award is particularly significant as it is acknowledgement from our peers in the information security industry and from across the private sector."
NZ firms lack cybersecurity confidence, HP survey says
Out of 434 of New Zealand’s small and large businesses, only half (50%) feel confident that they would be able to cope if they experienced a significant cybersecurity breach.
SonicWall secures hybrid clouds by simplifying firewall deployment
Once new products are brought online in remote locations, administrators can manage local and distributed networks.
Story image
What MSPs can learn from Datto’s Channel Ransomware Report
While there have been less high profile attacks making the headlines, the frequency of attacks is, in fact, increasing.
Story image
Cisco expands security capabilities of SD­-WAN portfolio
Until now, SD-­WAN solutions have forced IT to choose between application experience or security.
Story image
AlgoSec delivers native security management for Azure Firewall
AlgoSec’s new solution will allow a central management capability for Azure Firewall, Microsoft's new cloud-native firewall-as-a-service.
Download image
Whitepaper: An inside look at the benefits of cloud
"Cloud computing is revolutionising business, enabling organisations to move faster, spend less and deliver greater value."
Download
Story image
Companies swamped by critical vulnerabilities – Tenable
Research has found enterprises identify 870 unique vulnerabilities on internal systems every day, on average, with over 100 of them being critical.
Story image
How to configure your firewall for maximum effectiveness
ManageEngine offers some firewall best practices that can help security admins handle the conundrum of speed vs security.
Story image
Kiwis losing $24.7mil to scam calls every year
The losses are almost five times higher compared to the same period last year, from reported losses alone.
Story image
Kordia launches Women in Tech scholarship at the University of Waikato
The scholarship is established to acknowledge and support up-and-coming female talent and future technology leaders.
Story image
2018’s worst malware revealed in report
Webroot has highlighted the top cyberattacks of 2018 in its latest Nastiest Malware list, which showcases the malware and attack payloads that have been most detrimental to organisations.
Story image
NZ being targeted for cyber attacks – study
The survey polled more than 230 IT decision makers in businesses with 20 or more employees across New Zealand.
Story image
Sponsored
Impact of legacy technologies on threat alert response and cloud adoption among Aus enterprises
Most Australian enterprises today are hamstrung by the same technologies that once helped advance the nation’s IT economy.
Story image
Organisations lack holistic approach to data protection
It is paramount for organisations to have a clear understanding of what data protection is and close the gaps in their protection strategies.
Story image
Exclusive: Fileless malware driving uptake of behavioural analytics
Fileless malware often finds its way into organisations via web browsers (or in combination with other vectors such as infected USB drives).
Download image
Using SOLIDWORKS CAD to take an idea from prototype to product
Sound pioneer Nura had an ambitious concept to deliver when it raised almost two million dollars via crowdsourcing and then over five million dollars through a seed round.
Download
Story image
Inside NZ’s first blockchain trade for meat exports
“We’re exporting to 40 different countries and being able to use a blockchain platform removes the weak spots and ensures the integrity of the data."
Story image
Opinion: Router security leaving major cyber exposure gap
Hardware is frequently tossed to one side upon installation and left to fester without security updates.
Story image
Voter databases available on the dark web - report
A Carbon Black threat report has revealed that destructive cyberattacks are increasing ahead of 2018 US midterm elections.
Story image
4 tips to keep safe when phishing for treats this Halloween
Jason Howells shares Barracuda MSP's top four tips to protect your business and help identify a phishing scam from a mile away.
Story image
Don’t let your network outgrow your IT team
"IT professionals spend less than half of their time at work optimising their networks and beefing it up against future security threats."
Download image
The security tool conundrum: Can you have too much of a good thing?
Organisations across Asia Pacific are using many different security tools to protect their businesses, but often they have no centralised platform to manage those tools.
Download
Story image
Exclusive: Why Australian enterprises are prime targets for malware attacks
"Only 14% of Australian organisations are continuously training employees to spot cyber attacks."
Story image
Sponsored
Case study: Startup revamps systems with HID mobile access
“We want our clients to have the best experience here. This is the reason why we chose to work with HID Global solutions."
Download image
Whitepaper: How to build cloud policies your organisation can stand by
Done right, digital transformation can transform the way governments engage with citizens, make businesses more productive and help non-profits be more effective.
Download
Story image
Callaghan Innovation places bets in local crypto startup
Callaghan Innovation has placed $330,000 into a local cryptocurrency savings and trading startup now called Vimba.
Story image
The silent security risk of unstructured data
"IDC estimates that 90% of today’s enterprise data is unstructured."
Story image
How phishing is evolving to outpace awareness
While email providers have made strides in flagging suspicious emails and source domains, reducing the effectiveness of attacks, attackers’ techniques have also evolved.
Story image
ForeScout acquires OT security company SecurityMatters for US$113mil
Recent cyberattacks, such as WannaCry, NotPetya and Triton, demonstrated how vulnerable OT networks can result in significant business disruption and financial loss.
Link image
Increase visibility and productivity with fleet tracking software
Know what’s going on in the field so you can dispatch more efficiently, improve customer service and reduce time spent calling drivers for updates.
Read more
Story image
"Is this for real?" The reality of fraud against New Zealanders
Is this for real? More often than not these days it can be hard to tell, and it’s okay to be a bit suspicious, especially when it comes to fraud.
Story image
The quid pro quo in the IoT age
Consumer consciousness around data privacy, security and stewardship has increased tenfold in recent years, forcing businesses to make customer privacy a business imperative.
Download image
Survey: App dev is surging, but how are businesses doing it?
Today “every company is in the software business" to get a competitive edge, and this survey reveals how app dev is affecting IT teams.
Download
Story image
Kiwis concerned about being scammed – survey
This unease is warranted given the growing sophistication of scammers and their activities, and numbers of attempted fraud.
Download image
Whitepaper: The key to compliance is governing access to data
By implementing a governance-based approach to identity governance, companies can secure their organisation’s sensitive data.
Download
Download image
The features that should be front and centre when evaluating SIEMs
According to Frost & Sullivan, SIEM can either be an enabler or a retardant and there's a thin line between the two - here's the key attributes.
Download
Download image
Whitepaper: Why it’s critical to detect cyber attacks as they happen
"Many organisations are struggling to keep pace with the speed in which hackers are attacking their systems."
Download
Story image
Exclusive: Why botnets will swarm IoT devices
“What if these nodes were able to make autonomous decisions with minimal supervision, use their collective intelligence to solve problems?”
Story image
Three access management trends making waves in APAC
Consumer identity proofing, authentication, and authorisation will top the $37 billion value mark by 2023.
Story image
Security cameras – a latent botnet network?
In a comparison of 16 indoor and outdoor IP surveillance cameras, researchers found only one well-protected device.
Download image
Whitepaper: The evolution of physical access control
Despite the enhanced security and convenience that comes from newer options, many organisations are still using outdated and vulnerable access control technology.
Download
Story image
Interview: Aruba’s NZ country manager talks channel strategy
“What we're taking to market is that message around simplification and having everything in one place.”
Download image
GDPR compliance: A step-by-step guide
The GDPR affects any company that deals with individuals living in the EU and has very specific requirements for the treatment of their personal
Download
Story image
Sponsored
Interview: Building secure apps from the ground up
Security should be a key consideration from the initial design phase before any build even begins.
Story image
Sponsored
Five major risks of letting shadow IT go unchecked
A department creating its own bespoke IT solution may sound like a good idea, but are the risks really worth it?
Download image
Cutting through the noise with AI-driven threat analytics
SANS has provided an independent review of a new AI analytics solution designed to rescue businesses 'drowning in data' from SIEM platforms.
Download
Story image
Computer Lounge online store hit by security breach
Auckland-based online computer parts store Computer Lounge has been affected by a security breach.
Story image
GCSB report: NZ firms lack CISOs, human investment
More than 80% of New Zealand’s nationally significant organisations don’t have a dedicated chief information security officer (CISO), a benchmark report from the GCSB and NCSC has found.
Story image
Sponsored
How to effectively implement a software-defined secure network
The unified SDSN platform combines policy, detection, and enforcement with a comprehensive product portfolio.
Story image
Combatting the rise of Cybercrime-as-a-Service
Amateur cybercriminals (or anyone with a grudge), can execute spam attacks, steal people’s identities, and more. 
Story image
Sponsored
Huge vulnerabilities in software supply chain being exploited
A very exposing report has revealed breaches are rising and response times are falling, largely due to shoddy software development practices.
Story image
'DerpTrolling’ faces jail time for Sony DoS attacks
A United States federal court has charged a 23-year-old man for the hacks on Sony Online Entertainment and other major companies back in 2014.
Story image
Sponsored
Cyber crisis continues unabated – is ATP the answer?
Statistics on cybercrime certainly makes for grim reading, and that is set to continue unless businesses take measures to stack the odds better in their favour.
Download image
What does sustainable compliance look like?
Getting an organisation compliant is one thing, keeping it that way is another.
Download
Story image
Why you should leverage a next-gen firewall platform
Through full lifecycle-based threat detection and prevention, organisations are able to manage the entire threat lifecycle without adding additional solutions.
Story image
ThreatQuotient partners with Visa for payments safety
“Cyber criminals are reusing tactics, techniques and procedures, leaving a recognisable trail of breadcrumbs and insights into the very attacks they are launching.”
Story image
Gartner names Bitglass a leader in cloud security
Bitglass was evaluated based on its ability to execute and its completeness of vision.
Story image
LogRhythm reports higher-than-anticipated SOAR adoption rate
The company’s embedded security orchestration, automation and response (SOAR) capabilities are embedded in its security information and event management offering.
Download image
Whitepaper: How to detect and respond to threats faster
This white paper uncovers how UEBA reduces your organisational risk and enables you to respond more quickly to attacks.
Download
Download image
Whitepaper: Threat detection and risk measurement with machine learning
ResponSight focuses on two key areas of cybersecurity – threat detection and enterprise risk measurement – and the need for more sophisticated approaches in each.
Download
Story image
It's time to rethink your back-up and recovery strategy
"It is becoming apparent that legacy approaches to backup and recovery may no longer be sufficient for most organisations."
Download image
Secure your BYOD policies effectively with multi-factor authentication
Multifactor authentication helps organisations secure their cloud applications, privileged access management, VPN access, digital workspaces and company apps in an easy, low-friction method staff can integrate into their workflow easily.
Download
Story image
Digital maturity among APAC CIOs reaches ‘tipping point’
Gartner's new survey has revealed enterprises that fall behind in digital business now will have a serious competitive disadvantage in the future.
Download image
Avoid underutilising office space with optimisation solutions
Facility managers and security professionals need a real-time view of how their workforce interacts with a building.
Download
Story image
Dropbox strengthens security with raft of new partnerships
Integrations will keep customer content protected and secure with tools for controlling identity access, governing data, and managing devices.
Download image
The six golden keys to successful identity assurance
When someone tries to access your internal systems, how can you be sure a user is who they claim to be?
Download