Consistently protect your global organization and cloud applications in every location
Your Users and Applications Have Left the Building
Like many of your employees, Jane is always at work, even when she’s not physically in the building. Jane is going where she’s needed, such as stopping by field offices and getting face time with clients. She’s working when she’s at home as well as on the road. Wherever she goes, Jane needs the ability to access all her applications and the security to do so safely while consistently stopping threats and enforcing policies to protect data.
The First Generation of Cloud Security
Unfortunately, many “Cloud Security 1.0” products were designed to address yesterday’s problems, and they fall short of fulfilling today’s needs. Security should be consistent and comprehensive everywhere Jane goes, and wherever business data lives, but that’s just not the case when the protection is different depending upon the locations of applications and users.
The first generation of cloud security consisted of point products that offered specific functionality without a way to coordinate protection. When security doesn’t look at the big picture, it can be challenging to see all the ways data can be lost or stolen, or the subtle methods attackers use to hide in the paths least taken.
As a result, the deployment of proxies, secure web gateways, remote access VPN, DNS filtering services, and cloud access security broker (CASB) proxies have led to some security challenges that are difficult to overcome.
- Blind spots: Applications can be provisioned instantly in the cloud, creating new data security risks and threat vectors overnight. Traditional cloud security products are incapable of seeing all applications and data, creating policy gaps and blind spots.
- Threat mitigation: No application can be presumed safe, and threats to data and users need to be dealt with before they cause harm. You need to know who has access to your applications so you can control where the data goes and stop threats.
- Deployment and management complexity: It’s difficult to keep adding more point products without creating administrative or budgetary burdens. This becomes worse when considering how to reconcile issues that affect different systems, such as policy changes or incident investigations.
Requirements for Better Security Outcomes
Inconsistent and ineffective protection increases exposure to risk, hurts productivity, and drives up operational expense—and that means it’s time for change. The paradigm for cloud security must be reinvented. The next evolutionary step requires new thinking on how to build better protection for all applications, users, and branch offices. What would a better design look like? Next-generation cloud security must address several key needs:
- Consistent security for applications and data: Policy gaps and uninspected traffic are vulnerabilities in security posture. Next-generation cloud security must be able to connect and protect all applications, users, and offices in a consistent manner.
- Flexible deployment models: The first generation of cloud security was not flexible because it did not account for the wide variations in architecture that must be supported in complex environments. Organizations need flexibility and choice in how they get protection, whether in the cloud or in conjunction with virtualized or physical network security hardware. Next-generation cloud security should deliver security where it is needed, in a manner that doesn’t require compromises or apologies for unmet needs.
- Architecture: To deal with cloud-scale problems, you need scalability, coverage, and frictionless deployment to make sure you can put protection where you need it.
You May Also Like to Read:
3 Cloud Computing Security Issues All Companies Face