More organisations are adopting a cloud strategy to leverage cloud services and enjoy the associated speed of development and deployment. One of the biggest challenges, however, is creating the balance that provides an appropriate level of governance over the use of cloud applications that still empowers users to leverage these services.
We recently highlighted a news article (read it here) about a tool that was able to trawl through Amazon Web servers and access potentially sensitive data hosted by a number of organisations. The tool highlighted flaws in the configuration of servers in the cloud. This is a good example possibly of a rush to deployment that left good cyber security practices behind.
In this blog series, we have discussed the need for a pervasive cloud centric cyber security approach that not just protects the user but also the data.
Cloud service providers are responsible for the security of their infrastructure, while organisations that use those services are responsible for user activities on top of that infrastructure. Cloud service providers will build security into their platforms and environment, however, if the data is being accessed by the wrong person or used inappropriately, they will not be aware of that. Additionally, they do not know what applications an organisation has approved or disallowed.
The cloud centric security approach, therefore, needs to have extensive visibility of who is accessing applications and data and how they are using it. The security approach must have the ability to identify malicious infrastructure and protect sensitive data from it. Compromised accounts need to be identified as well as potential malicious insiders. The emerging security tool that addresses this security concern is the cloud access security broker (CASB).
A cloud access security broker helps organisations address a range of cloud security vulnerabilities by providing visibility into the applications in use, profiling them from a risk perspective, and enforcing policies especially around data loss prevention (DLP) and user activity.
A good CASB implementation will also provide for the retrospective discovery of sensitive data and malware in cloud applications. The CASB should also integrate with network based entities to give visibility into real time data, threats in motion, as well as preview historical use of cloud applications.
In our next episode, we will take a deeper look at CASB and how they can work more effectively with other security tools to secure the cloud.
$2,235,018 per year
The average amount SMBs spent in the aftermath of a
cyber attack or data breach due to damage or theft of IT
assets and disruption to normal operations.
The amount is staggering, and enough to jeopardize the viability of
many companies. Yet the business benefits that come with the internet,
Cloud computing and other applications are impossible to forego
and remain competitive.
That’s why business owners and executives are asking one question:
If your service provider can’t demonstrate how it is making you
company less likely to become a victim of cybercrime, then it is time
to consider alternatives.
In this eBook, we’ll outline what companies are up against
today, and how Cisco Umbrella can help bring you peace of mind.
If you have read the last few updates you should now have a deeper understanding of Cloud Security, that’s great! But what can YOU do about it?
We are offering a 14 day trial of Cisco Umbrella, the industry’s first Secure Internet Gateway in the cloud.
Cisco Umbrella provides the first line of defence against threats on the internet. Because Umbrella is delivered from the cloud, it is the easiest way to protect all of your users in minutes.
It takes no time to install and you don’t have to provide any payment details (or even have a phone call).
So what have you got to lose?