sb-nz logo
Story image

Developing a one-two punch for cloud security

17 Jul 2018
Sara Barker
Share:

As organisations adopt cloud-based tools to enhance their operations, many are realising that the security strategies they have in place are no longer providing effective protections. In the past, IT security was primarily aimed at protecting a physical location, such as an office, that had access to a data centre.

The thinking was that everything would be secure if there were firewalls installed at both locations and an encrypted network tunnel between the two. While this held true when applications and data were stored within a corporate data centre, things have changed.

Today, applications and data often rest in a number of different locations, including cloud platforms and services managed by other companies. This is a dramatic shift from the historical tactic of conducting business in an on-premises-only fashion. When data is regularly accessed from a myriad of devices outside the corporate firewall, strategies to maintain effective security have to evolve.

Rapid cloud adoption

Within most organisations, the adoption of cloud-based resources is accelerating – often without the knowledge of IT departments. While sanctioned cloud applications are likely to be in use, employees are just as likely to be using unsanctioned apps as a part of their daily routines. Unfortunately, many of these tools are not enterprise ready – they don’t provide IT with the visibility or data protection features that are needed to defend users and corporate IT infrastructure.

Because data is moving from the corporate network to a virtually infinite number of cloud applications that lack adequate security features, organisations must look to specialised security solutions that can protect data wherever it goes.

This is particularly true in light of compliance requirements that demand heightened security for protected data. Monitoring, administering, and controlling hundreds of cloud apps is impossible without the appropriate tools.

Achieving visibility and security

Organisations must understand how data is used by their staffs before they can prevent it from moving to unsafe destinations. In other words, they must achieve comprehensive visibility as well as data security.

Key tactics for obtaining visibility and control over data include:

  • Identity consolidation: Rather than having disjointed identity management for multiple applications, organisations should leverage the existing corporate user directory and extend access to cloud apps. This gives users single sign-on for all of a business’ applications and lets them access said apps from the devices of their choosing.
  • Central policy enforcement: An enterprise needs to adopt a tool that enforces security policies on everyone accessing data – regardless of the devices that they are using. For example, a business should be able to require multi-factor authentication or that a personal device automatically locks its screen after a certain period of inactivity.
  • Mobility Management: IT teams must also have suitable tools to secure data as it is accessed and stored by mobile devices. In addition to other security features, these solutions should provide the ability to wipe data remotely if the device is lost or an employee leaves the organisation.

The role of CASB and identity as a service (IDaaS)

A cloud access security broker (CASB) provides security when data and applications move to a cloud environment. It manages user devices, enables visibility, ensures data protection, and enforces access controls.

A CASB can bolster defences for data when it is at rest on a cloud platform, and ensure that it remains secure as it is being accessed by users. It allows sessions to be monitored and anomalous activities to be spotted and remediated in real time.

Another important element of any successful security strategy in a cloud environment is identity management. Over the past decade, most organisations have developed identity management systems internally. Today, they must simply extend their best practices and policies to the cloud. This can be achieved by adopting an identity as a service (IDaaS) solution.

IDaaS can be used to fill previously neglected cloud security gaps. For example, many employees use a single, unsecured password across multiple cloud services, increasing the damage that can be done in the event of credential compromise.

As multi-factor authentication has helped to address this problem within corporate IT infrastructure, the capability must also be used to cover cloud platforms via IDaaS. This will help to ensure data and applications are only accessed by the individuals who are authorised to do so.

Business benefits from cloud security

Leveraging CASB and IDaaS delivers three significant advantages to any organisation seeking to secure its use of cloud services.

  • Improved user productivity: Having single sign-on (SSO) allows users to access data and applications from any device or location quickly, easily, and securely. A single set of credentials is all that is needed to gain access to required resources via SSO.
  • Better compliance: Together, CASB and IDaaS achieve end-user productivity and corporate security, ensuring that the enterprise is better able to meet its compliance requirements. Automated security policies can be enforced in real time and activity can be monitored continuously.
  • Increased operational efficiency: An organisation that is confident in its ability to secure data in the cloud can deploy a host of applications. This enables users to seek the best tools for performing their work, which inevitably increases operational efficiency throughout the business. Additionally, this reduces IT-related costs like those incurred when investing in traditional, on-premises infrastructure.

With CASBs and IDaaS, organisations can be confident that they have adopted the key elements needed to ensure effective security in the cloud. Whether separate solutions are deployed together, or both components are found in a single, complete solution, leveraging CASBs and IDaaS gives organisations data security built for the future, allowing them to reap the benefits of the cloud for years to come.

Article by Bitglass vice president of Asia Pacific and Japan, David Shephard.

Related stories:
Months on, many organisations still don't have secure remote access - report
Current security practices 'grossly inadequate' for protecting cloud infrastructures - report
Thycotic launches DevOps Secrets Vault solution for greater cloud security
A definitive guide to cloud access security brokers
FireEye unveils Cloudvisory: A multicloud security control centre
Bitglass & CrowdStrike develop agentless ATP defender
Dig deeper:
Story image
How to work from home securely
Here’s what you need to do to make your home working environment and systems secure, and protect yourself and your employer.More
Story image
CrowdStrike expands Linux protection, adds machine learning prevention
CrowdStrike says its solution delivers proven breach prevention and visibility from its cloud-delivered platform via a single lightweight agent.More
Story image
New tech startup looks to help lawyers and finance pros
StructureFlow has launched to market, dubbing itself as a tech startup with the mission of helping lawyers and finance professionals visualise complex legal structures and transactions. More
Download image
Revealed: How to make authentication simple again
It's absolutely necessary for a healthy security landscape, but authentication has become convoluted and bogged-down. Simplify and secure your processes with this tool.More
Story image
Microsoft warns of huge email phishing scam
The phishing campaign installs NetSupport Manager remote admin tool to take over and execute commands. More
Story image
Chinks in the armour: Why the post COVID-19 cloud is easy game for cybercriminals
Now’s the time for CIOs to pause and make sure their digital transformation projects are fit for today, and the future.More
Story image
How to work from home securely
Here’s what you need to do to make your home working environment and systems secure, and protect yourself and your employer.More
Story image
CrowdStrike expands Linux protection, adds machine learning prevention
CrowdStrike says its solution delivers proven breach prevention and visibility from its cloud-delivered platform via a single lightweight agent.More
Story image
New tech startup looks to help lawyers and finance pros
StructureFlow has launched to market, dubbing itself as a tech startup with the mission of helping lawyers and finance professionals visualise complex legal structures and transactions. More
Download image
Revealed: How to make authentication simple again
It's absolutely necessary for a healthy security landscape, but authentication has become convoluted and bogged-down. Simplify and secure your processes with this tool.More
Story image
Microsoft warns of huge email phishing scam
The phishing campaign installs NetSupport Manager remote admin tool to take over and execute commands. More
Story image
Chinks in the armour: Why the post COVID-19 cloud is easy game for cybercriminals
Now’s the time for CIOs to pause and make sure their digital transformation projects are fit for today, and the future.More
Download image
Dynamic Workforce Risk, and how it can jeopardise your business
Almost everything about the modern business is changing in 2020. An evolved workforce is one of them - but many businesses don't see the risks. Here's how this could spell bad news.More
Story image
ExtraHop brings SaaS network detection and response solution to market
"Reveal(x) 360 is the culmination of a multi-year R&D investment to secure data centre, remote sites, and cloud workloads with frictionless deployment and actionable insights that can be securely accessed from anywhere.”More
Download image
Why shifting workforce demographics requires updated management
Globalisation; a younger workforce; remote working trends - the landscape of the modern workplace has changed forever. And businesses could be in for a shock if they don't manage it properly.More
Story image
Sophos and Arcserve bolster alliance with two new solutions
The new solutions combine anti-ransomware and other threat-protection tech with immutable backup and disaster recovery capabilities.More
Story image
Months on, many organisations still don't have secure remote access - report
The report analyses the extent to which businesses were prepared for the sudden shift into remote working due to COVID-19 restrictions, and analyses how organisations have adjusted to support remote workers amidst the COVID-19 pandemic. More
Download image
The juggling act: Managing dynamic workforces and the risk that goes with them
Mitigate and continuously manage dynamic workforce risks, and continuously improve and maintain the maturity of your dynamic workforce risk program.More
Story image
Report: Tech industry most attacked sector
"The current global crisis has shown us that cyber criminals will always take advantage of any situation and organisations must be ready for anything."More
Story image
A definitive guide to cloud access security brokers
CASBs offer IT administrators granular access control and deep visibility over corporate data – critical functionality for organisations moving from internal, premises-based apps to the cloud.More
Story image
Rise in cyberattacks targeting the cloud as use of collaboration tools increase
“While we are seeing a tremendous amount of courage and global goodwill to overcome the COVID-19 pandemic, we also are unfortunately seeing an increase in bad actors looking to exploit the sudden uptick in cloud adoption."More
Link image
Webcast Series: Best security practices for a mobile workforce
Join an exclusive monthly webcast series to learn how to better secure your mobile workforce in the evolving threat landscape.More
Story image
Cisco buys ThousandEyes, strengthening network portfolio
Cisco is eyeing up network intelligence company ThousandEyes for its latest acquisition, building on Cisco’s cloud-based network and application performance portfolio.More
Story image
IDC names Accenture APAC Leader in pro security services
Accenture was recognised as having one of the most comprehensive security advisory and security assessment offerings.More
Story image
76% of execs losing sleep over being the next high-profile breach
Headline-grabbing security breaches of high-profile enterprises are becoming more common, fuelling the anxieties of business leaders who hope they're not next. More
Story image
FireEye unveils Cloudvisory: A multicloud security control centre
FireEye has announced the availability of FireEye Cloudvisory - a control centre for cloud security management across any private, public or hybrid security environment.More
Story image
Current security practices 'grossly inadequate' for protecting cloud infrastructures - report
"As cloud stacks become increasingly complex, with new technologies regularly added to the mix, what's needed is a holistic approach with consistent protection across the full cloud stack."More
Story image
Interview: Mimecast channel director on new partner programme and consolidation in the channel
Craig McGregor explains Mimecast's new partner programme, the importance of consolidation in the security space, and the effect of COVID-19 on the local channel.More
Story image
FireEye revamps its flagship anti-malware solution
The Endpoint Security solution has received several enhancements, including the availability of several new modules for protection, investigation and response.More
Story image
Channel guru brings Bufferzone to A/NZ
Previously, Wyman brought Backup Exec/Veritas, Brocade and StorageCraft to the region.More
Story image
New detection tool aims to catch Twitter bots in real time
Twitter recognises that it’s hard to tell just how much misinformation is out there on social media.More
Story image
A winning proposition for critical infrastructure
When is a surveillance system more than a surveillance system? When it not only protects an organisation’s premises but also supports efficient, reliable operations, and health and safety.More
Story image
Cost-effective security key demand for MSPs
A new survey conducted by Omida and commissioned by Acronis shows that there is an “overwhelming” demand for security services among MSPs.More
SolarWinds Niche Player in app monitoring Magic Quadrant
Simplicity, visibility and solution synergy have put SolarWinds into the 2020 Gartner Magic Quadrant for Application Performance Monitoring.More
DigiCert receives top award from Frost & Sullivan thanks to agile approach
DigiCert has received the 2020 Global Company of the Year Award by Frost & Sullivan, with specific focus on its global transport layer security (TLS) certificate market. More
LogRhythm launches Remote Workforce Visibility with promotion
"We want to help teams get ahead of this situation and ensure they have the resources they need to be confident in their security abilities."More
HackerOne hits $100M milestone with bug bounties
“We have arrived at the point in history where you are ignorant and negligent if you do not have a way to receive useful input from ethical hackers."More
Thycotic launches DevOps Secrets Vault solution for greater cloud security
“DevOps Secrets Vault is a cloud-based vault that balances the security and velocity that DevOps teams require for this growing part of the enterprise attack surface."More
Kaspersky launches security assessment training program
Kaspersky says the program is designed give organisations the tools to ensure the security and of third-party applications that are integrated into their IT infrastructures.More
Zscaler buys Edgewise, with its sight set on zero-trust
The acquisition indicates Zscaler's path towards improving the security of east-west communication, as well as its quest to achieve a zero-trust environment.More
Cybercriminals after money more than anything else - Verizon report
Of all the things cybercriminals aim to accomplish in their illicit activities, money still takes centre stage.More
Internet filtering not the answer - InternetNZ
The proposed law change is part of the New Zealand government response to the Christchurch terror attacks that occurred in March last year.More
Exabeam targets APJ with ‘significant investment’
Triples its team across the region and forms an exclusive partnership with Orca Tech in A/NZ as SIEM demand rises.More
Google most popular brand to impersonate in phishing campaigns - report
A new report from Barracuda released today shows 100,000 attacks impersonating reputable brands, with 65% of this figure using Google as a masquerade.More
D-Link brings thermal scan/facial recognition camera to A/NZ
The device can scan a large crowd and automatically raise an alert if a person with an elevated temperature is found.More
Interview: Thriving in lockdown - how a coding school in Vietnam beat the odds
It's March 10 2020, and CoderSchool in Ho Chi Minh just went entirely online. A success story followed - here's how a lockdown helped a school thrive.More
Demand for VPNs soars in Hong Kong amid fears over Beijing crackdown
VPN provider Surfshark revealed it has seen a week’s worth of sales in just one hour within the city, indicating that locals feel their internet freedom is under attack.More
Why people must form the backbone of your security decisions
In a recent survey 74% Asia Pacific IT and business leaders surveyed declare that security culture is essential to a successful business.  More
Five wine-tasting tips that should be applied to network security
What does network visibility really mean? Much like a blind wine tasting, we need to keep an open mind and trust what data is telling us without being biased by previous results.More
Acronis teams up with A.S. Roma to advance AI in sport
Acronis has officially announced its artificial intelligence (AI) partnership with Associazione Sportiva Roma, an Italian professional football club also known as A.S Roma.More
Managed services more popular than ever
However, a new Business Report indicates that MSPs could lose vital business if they don’t balance their portfolio services accordingly.More
More stories