More and more organizations realize the financial and operational advantages of moving their on-premises data and workloads to the cloud. Indeed, there are many business benefits, including gains in productivity and usability for employees.
On the other hand, a consequence of the rapid growth of the cloud is that many companies need to pay more attention to the new risks and threats that exploit this technology. Furthermore, depending on the proposed architecture and connectivity, there may be hidden performance fees as a price for enabling an increasingly mobile workforce.
Users demand direct access to the cloud applications they use for work, many unknown or sanctioned by the company.
Enterprise’s Cloud Security Situation
As the cloud transforms IT, it creates numerous security and data challenges. Therefore, when assessing an enterprise’s cloud security situation, the following considerations need to be made:
- Have high-level threat prevention and information security inspection technologies that can quickly scan traffic, even encrypted, going to and from the Internet. Unlike next-generation firewalls (NGFWs), proxies (Secure Web Gateways) are designed to do this and to inspect encrypted traffic at scale without degrading the level of security and performance.
- Ensure the inspection approach has multiple layers proven practical (i.e., insist on seeing test results and proofs of concept).
- Don’t rely on less effective security and compliance policies to protect remote users than head office employees. Security and compliance policies must apply to all users, regardless of their location or which devices they use (which are sometimes multiple).
- Security must be enforced as traffic flows directly to the Internet. Suppose the cloud security provider has the right technologies to work natively with cloud applications, such as Office 365. In that case, users will experience better performance and security, and you will have a lower monthly cost.
- To meet data compliance and information security requirements, knowing what information is going out to the web and cloud is essential. For example, if data is sent to services like Box or similar, does this violate company compliance policies? If sensitive content or intellectual property exists, is additional protection needed, such as encryption? If so, it is necessary to apply access rights, establish rules for who in the company is authorized to see these encrypted documents, also generating traceability as they are accessed and changed in the cloud or on any device.
- CASB (Cloud Access Security Broker) capabilities can help identify which cloud applications employees use. It is only possible to assess business risks by knowing the attributes and characteristics of these cloud apps. The next step is to have tools that allow you to manage access to cloud applications to disallow access for non-compliant clouds or allow access but with continuous monitoring and the ability to enforce stricter security policies.
- Lastly, you need a way to receive alerts when something suspicious occurs on any cloud accounts. For example, advanced CASB tools can use user behavior analysis (UBA) to detect patterns of behavior that indicate risky or abnormal situations.
Without the proper tools, many companies act ultra-conservatively, blocking web traffic. It doesn’t hurt to be cautious, but it frustrates employees and hinders productivity as they need access to the websites and apps needed to complete their work. But go ahead and bet it all on the cloud. It is already a reality in 100% of companies, in most cases due to user influence or action (Shadow IT), even in companies that formally believe they do not use the cloud.
It is essential to embrace this movement, seeking to quickly gain visibility as the basis for proposing improvements, sanctioning technological alternatives and readjusting processes for authorized and even safer use of the cloud.