sb-eu logo
Story image

Exclusive: How companies can stay secure in the cloud

Recently Security Brief had the opportunity to talk to Bitglass APJ VP of sales David Shepherd about cloud security. 

What are the threats companies moving to the cloud or adoption cloud services are least prepared for?

I think most people now accept that moving to the cloud is no less secure than the traditional way of doing things; in fact, in many cases, the cloud offers more security than most enterprises could hope to achieve in-house. This being said, some threats in the cloud are different to those historically faced in on-premises-only environments. 

For example, organisations moving to the cloud must defend against malware that can quickly infect a business by spreading through personal and corporate devices as well as the cloud apps that they access. Additionally, enterprises must understand the shared responsibility model of security and adopt new tools for addressing unauthorised external sharing, advanced cloud phishing attacks, and more. 

How have CASBs had to evolve as threats to companies in the APJ region change?

It seems that threats in APJ have evolved virtually identically to those around the world. Regardless, CASBs have had to adapt to address these threats and help customers understand and manage cloud data risk. Initially, most CASB offerings were designed solely to provide visibility into SaaS app usage in the enterprise. 

However, they have rapidly evolved into flexible tools that can be used for a massive variety of use cases; for example, securing the mobile workforce, new apps, BYOD, and IaaS platforms, as well as responding to misconfigurations in cloud platforms, inappropriate sharing, data leakage, malicious insiders, and zero-day malware. 

What are the biggest barriers preventing companies from implementing a CASB to secure the cloud?

Solving today's problems requires fresh thinking. Perhaps the biggest barrier we need to challenge is the belief  that traditional tools like firewalls are able to offer comprehensive data security in a cloud-first world. 

This belief may be due to an overestimation of how well on-premises security tools can extend to the cloud, a fixation on the sunk costs associated with existing IT infrastructure investments, or some level of misunderstanding around cloud threats. Whether you believe you’re using the cloud or not, your users have probably already moved your data into this new landscape. 

What are the biggest opportunities using a CASB brings a company as opposed to implementing their own cloud security protocols?

We’re seeing a continued shift toward the consumerisation of IT. People no longer want to build and maintain their own networks, infrastructure, or applications – it’s inefficient and not the best use of their budget or IT resources. As such, many companies prefer to consume IT-as-a-service and commit more focus to running their businesses. 

By leveraging a third-party CASB, organisations are able to benefit from a specialised solution that secures data right out of the box with prebuilt policies and proven efficacy. Additionally, cloud access security brokers serve as a single pane of glass for ensuring consistent security across all of an enterprises’ cloud applications, eliminating the need to manage dozens (or hundreds) of applications' disjointed, native security features.

What distinguishes an effective CASB solution?

The most effective CASB solutions are commonly known as multimode or hybrid CASBs. These integrate with application programming interfaces (APIs) to secure data at rest, and proxy traffic in order to protect data in transit between apps and devices. Uniquely, the Bitglass Next-Gen CASB uses an agentless reverse proxy architecture. 

This means that we are up and running and fully deployed in hours rather than months. Companies start to receive value immediately, which is almost unheard of when deploying enterprise security tools. To cope with the dynamic cloud landscape, we are leveraging machine learning to automate protections and ensure that we deliver proactive, real-time security for any app, any device, anywhere.

Story image
Video: 10 Minute IT Jams - The benefits of converged cloud security
Today, Techday speaks to Forcepoint senior sales engineer and solutions architect Matthew Bant, who discusses the benefits of a converged cloud security model, and the pandemic's role in complicating the security stack in organisations around the world.More
Story image
Check Point acquires Odo Security to bolster remote security offering
The deal will integrate Odo’s remote access software with Check Point’s Inifinity architecture, bolstering the latter company’s remote security capabilities in a time where working and learning from home has become the norm, and looks to largely remain that way in the near future.More
Story image
OT networks warned of vulnerabilities in CodeMeter software
Manufacturers using the Wibu-Systems CodeMeter third-party licence management solution are being urged to remain vigilant and to urgently update the solution to CodeMeter version 7.10.More
Story image
Acronis announces new security endpoint solution
The solution is an integration of data protection and cybersecurity which provides customers with effective endpoint protection in a landscape where the pointlessness of perimeter security is becoming more pronounced.More
Story image
Ripple20 threat could affect 35% of all IT environments – ExtraHop
The vulnerabilities have the potential to ‘ripple’ through complex software supply chains, enabling attackers to steal data or execute code.More
Story image
Spending on managed security services in A/NZ to grow despite COVID headwinds
COVID-19 has changed security priorities significantly, and managed security services in A/NZ are set to benefit. More