3 minute read
KEEPING YOUR DATA SECURE
from 50 CHANGE MAKERS
by cxoinsightme
What are the cybersecurity trends to watch out for this year? Cloud security, for sure. Cloud computing is being used pretty much by every organisation worldwide in some shape or form. And as we see more and more organisations move to the cloud, either fully or hybrid, we will see a significant focus on cloud security. Cloud providers will need to focus on ensuring their platforms are secure, and organisations will need to focus on how their data residing in the cloud is also secure.
The second trend, although not a trend but something that I think needs mentioning, is work from anywhere. Although some employees prefer to return to the office, many still prefer work from anywhere. So securing a true work-from-anywhere environment without compromise is still something to keep an eye on.
Advertisement
The third trend is AI and ML being used to help detect threats and prevent cyber-attacks, with AI-enabled threat detection systems predicting new attacks and notifying security admins any breach instantly.
Why is cloud data protection a security concern?
We are seeing a massive growth of data with more and more cloud-based applications, and organisations employees are accessing more and more sensitive data on their sanctioned and unsanctioned devices. Going back in time, customers had their own data centers and their own internal networks and everything they did existed within their four walls. And everything was trusted. The applications, the data, the users, their devices. Anything outside was not trusted.
And to access a shared drive, you had to be physically in the office on the network and on a company device. And if you were outside, then it was only from your company-managed device, and you were on a VPN.
Fast forward to today, and things are changing because we are all moving onto the cloud. You’ve got cloud applications that are replacing the applications typically on-premise. At the same time, you are moving your data up to the cloud applications.
And then you’ve got your users outside the office, working from anywhere, accessing these cloud applications. Remember, before they had to VPN in, now they could directly access these applications.
Why is this a security concern? Security was built inside your DC like a firewall or an on-premise web gateway to handle your web traffic. You were inside your network. Your data could be trusted and protected. But when users are at home, you lose that capability with your onpremise security controls. If your users are sitting at home, then your on promise secure web gateway won’t be able to stop someone from downloading malware from the internet or uploading sensitive data to websites. So not only can you not protect your users and even your managed devices, but when you move your data to the cloud, it is out there for anybody to try and access it, putting it at risk. And also, third-party apps and services that your company hasn’t sanctioned. For example, your employees using Dropbox or ConverttoPDF, which they sometimes need for their day-to-day job. And none of this happens inside your company’s purview; it’s all happening cloud to cloud. This is pretty much what we call Shadow IT. Again if this happened inside your network and you had an onprem web gateway you could probably stop it from happening.
When you move to the cloud, controlling users’ apps is very important. The more you use sanctioned cloud applications, you also have to be able to control unsanctioned cloud applications and allow users to use them to the extent that they need to. At the same time, make sure they do it in a way that you control and can protect.
What are the cybersecurity challenges of remote work?
Working remotely still poses many security challenges if correct policies are not implemented. And users, regardless of where they are, must backhaul their traffic back to the corporate network only to go back to the outside world again, causing many challenges like service availability, user performance, productivity, etc.
Also, with the VPN approach, we all know it’s not the most efficient system; first, you have a very contradictable technology in VPN with vulnerabilities pretty regularly. Second, you are bringing back internet traffic from outside back into your data centre, adding more load on the proxies to exit back out again, which doesn’t make sense because the applications sit in the cloud, so you might as well access them directly. Oher challenges include malware protection, remaining compliant with data protection, end-user latency, and vulnerable personal and company devices at home.
