Story image

Exclusive: How companies can stay secure in the cloud

Recently Security Brief had the opportunity to talk to Bitglass APJ VP of sales David Shepherd about cloud security. 

What are the threats companies moving to the cloud or adoption cloud services are least prepared for?

I think most people now accept that moving to the cloud is no less secure than the traditional way of doing things; in fact, in many cases, the cloud offers more security than most enterprises could hope to achieve in-house. This being said, some threats in the cloud are different to those historically faced in on-premises-only environments. 

For example, organisations moving to the cloud must defend against malware that can quickly infect a business by spreading through personal and corporate devices as well as the cloud apps that they access. Additionally, enterprises must understand the shared responsibility model of security and adopt new tools for addressing unauthorised external sharing, advanced cloud phishing attacks, and more. 

How have CASBs had to evolve as threats to companies in the APJ region change?

It seems that threats in APJ have evolved virtually identically to those around the world. Regardless, CASBs have had to adapt to address these threats and help customers understand and manage cloud data risk. Initially, most CASB offerings were designed solely to provide visibility into SaaS app usage in the enterprise. 

However, they have rapidly evolved into flexible tools that can be used for a massive variety of use cases; for example, securing the mobile workforce, new apps, BYOD, and IaaS platforms, as well as responding to misconfigurations in cloud platforms, inappropriate sharing, data leakage, malicious insiders, and zero-day malware. 

What are the biggest barriers preventing companies from implementing a CASB to secure the cloud?

Solving today's problems requires fresh thinking. Perhaps the biggest barrier we need to challenge is the belief  that traditional tools like firewalls are able to offer comprehensive data security in a cloud-first world. 

This belief may be due to an overestimation of how well on-premises security tools can extend to the cloud, a fixation on the sunk costs associated with existing IT infrastructure investments, or some level of misunderstanding around cloud threats. Whether you believe you’re using the cloud or not, your users have probably already moved your data into this new landscape. 

What are the biggest opportunities using a CASB brings a company as opposed to implementing their own cloud security protocols?

We’re seeing a continued shift toward the consumerisation of IT. People no longer want to build and maintain their own networks, infrastructure, or applications – it’s inefficient and not the best use of their budget or IT resources. As such, many companies prefer to consume IT-as-a-service and commit more focus to running their businesses. 

By leveraging a third-party CASB, organisations are able to benefit from a specialised solution that secures data right out of the box with prebuilt policies and proven efficacy. Additionally, cloud access security brokers serve as a single pane of glass for ensuring consistent security across all of an enterprises’ cloud applications, eliminating the need to manage dozens (or hundreds) of applications' disjointed, native security features.

What distinguishes an effective CASB solution?

The most effective CASB solutions are commonly known as multimode or hybrid CASBs. These integrate with application programming interfaces (APIs) to secure data at rest, and proxy traffic in order to protect data in transit between apps and devices. Uniquely, the Bitglass Next-Gen CASB uses an agentless reverse proxy architecture. 

This means that we are up and running and fully deployed in hours rather than months. Companies start to receive value immediately, which is almost unheard of when deploying enterprise security tools. To cope with the dynamic cloud landscape, we are leveraging machine learning to automate protections and ensure that we deliver proactive, real-time security for any app, any device, anywhere.

Oracle updates enterprise blockchain platform
Oracle’s enterprise blockchain has been updated to include more capabilities to enhance development, integration, and deployment of customers’ new blockchain applications.
Used device market held back by lack of data security regulations
Mobile device users are sceptical about trading in their old device because they are concerned that data on those devices may be accessed or compromised after they hand it over.
Gartner names ExtraHop leader in network performance monitoring
ExtraHop provides enterprise cyber analytics that deliver security and performance from the inside out.
Symantec acquires zero trust innovator Luminate Security
Luminate’s Secure Access Cloud is supposedly natively constructed for a cloud-oriented, perimeter-less world.
Palo Alto releases new, feature-rich firewall
Palo Alto is calling it the ‘fastest-ever next-generation firewall’ with integrated cloud-based DNS Security service to stop attacks.
Facebook fights fake news ahead of Africa elections
“We also show related articles from fact-checkers for more context and notify users if a story they have shared is rated as false.”
The right to be forgotten online could soon be forgotten
Despite bolstering free speech and access to information, the internet can be a double-edged sword, because that access to information goes both ways.
Opinion: 4 Ransomware trends to watch in 2019
Recorded Future's Allan Liska looks at the past big ransomware attacks thus far to predict what's coming this year.