- June 13, 2024
- Catagory cloud computing
What is a CASB and how to pick the best one
Cloud access security brokers (CASBs) are increasingly important as endpoints flourish and organizations embrace a multi-cloud strategy for business applications and other workloads.
A CASB manages secure access between endpoints and cloud computing environments. The standalone CASB market is growing. Valued at US$11 billion in 2023, Mordor Research expects it to grow at 17% annually to reach US$24.2 billion by 2029 in alignment with the surge in adoption of various cloud-based services, along with growing concerns about data security and privacy. A CASB is also part of a broader security strategy that Gartner has dubbed the Secure Service Edge (SSE), which also integrates SWG and Zero Trust network access (ZTNA).
Like many security tools, a CASB can be deployed on-premises or in the cloud in as a hardware appliance, software-only, as a proxy, reverse proxy, or through specific APIs. CASBs can manage access for a broad range of endpoints, including corporate-owned devices or those managed outside the organization by third parties and employees, whether they on are on-premises or remote, including internet of things (IoT) devices.
These various endpoints connect to multiple cloud resources, including common productivity suites such as Microsoft 365 and customer relationship management (CRM) tools delivered in a Software-as-a-Service (SaaS) model, such as Salesforce. Common collaboration tools such as Zoom and Slack also connect via many endpoints that could be managed by a CASB, which monitors everything that goes in or out. A CASB gives you visibility into what users are doing in the cloud, enforces your access control policies, and watches for security threats.
The original purpose of a CASB was to uncover shadow IT â unauthorized applications and cloud storage services deployed by employees that put corporate data at risk. CASBs are now a critical tool for security teams to uncover and monitor unauthorized or unmanaged cloud services as well as protect data as it is moved across hybrid / multi-cloud environments and remote work environments. CASBs also play an important role in complying with data privacy regulations and enforcing data privacy policies.
Any CASB you deploy should be able to give you comprehensive visibility into cloud usage, user activities, and data flows, while also allowing you to granularly control data access and user permissions as part of your overall data protection strategy to safeguard mission critical information across multiple clouds and endpoints.
A CASB not only touches all your endpoints, but must also integrate with your existing security tools, including identity management and single sign-on (SSO) tools, web application gateways firewalls, and endpoint protection.
Given that purchasing and integrating a CASB can be a complex endeavor, considering engaging with a managed security services provider who can help you audit your organization so that you select a CASB that addresses all your pain points and can scale with your business over time.
If you donât feel youâve put enough effort in cloud security, youâre not alone.
A recent survey released by Telus found that Canadian organizations only set aside 34 per cent of their cybersecurity budgets for cloud security, while nearly all admit that if they had to do it all again, they would have spent more time security when they began their migration to the cloud, especially on threat and risk.
Respondents would have also spent more time on monitoring and detection, as well as threat prevention controls.
All this regret around cloud security may explain why the 511 cybersecurity professionals surveyed by Telus are planning to increase spending by 22 per cent in 2023. Conducted with IDC Canada, the survey spans a wide range of Canadian industries and organizations, with more than half identifying as very knowledgeable about cybersecurity, with the remainder identifying as knowledgeable.
While security knowledge ranks well among respondents, only 37 per cent of the organizations surveyed report having dedicated cloud security professionals, while nearly as many â 33 per cent â are finding that staffing for cloud security skillsets is the most difficult of all cloud specialties to find.
Not many â 14 per cent â are storing their most valuable data in the cloud, which aligns with the confidence in cloud security, as 57 per cent of organizations believe their cloud environments are very or completely secure, but only 38 per cent of respondents said their organizations uses multi-factor authentication (MFA) to secure their cloud environment.
Approximately one third of respondents cited a lack of tools to monitor, detect, and respond to cyber threats was a major gap in their cloud environments, while a whopping 89 per cent said their organization had experienced a cloud security incident. (An incident is defined as an event with the potential to compromise confidentiality, availability, and/or integrity of computer networks, systems, or data.)
On average, the Telus survey found that organizations had experienced four to five cloud security incidents a year, with nearly half of the most damaging incidents spreading to on-premises environments. These incidents could be attributed to misconfigurations, human error, and known vulnerabilities.
Not surprisingly, respondents are using more than one cloud service provider â the average was up to 8.5, with infrastructure-as-a-service providers such as Amazon AWS, Google Cloud Platform and Microsoft Azure being the most used.
The Telus report makes several recommendations for those responsible for security in their organization. Chief among them is to not underestimate the value of frameworks like NIST, ISO/IEC 27001 or others. Others include:
- Provide IT / security staff with comprehensive cloud security awareness training
- Enable and configure any included security controls offered by your cloud service provider
- Conduct regular security audits and assessments
- Deploy MFA
Given all the cloud providers organizations use as well as the challenges in finding security specialists, you might consider seeking out a managed service provider who can help you bolster your cloud security, improve your overall posture and help you adhere to the Telus survey recommendations.
- June 30, 2021
- Catagory cloud computing
Moving to a hybrid cloud requires a roadmap
If youâre struggling to make the business case for moving to the cloud, consider this: moving to a hybrid cloud allows you to scale up computing, networking and storage capabilities without a significant upfront investment.
Moving to a hybrid cloud also enables you to you to keep some applications and data on-premise if you feel theyâre too sensitive for public platforms or if you think your on-premise infrastructure is a more efficient, reliable and secure environment. You can have the best of both worlds by running a private cloud in tandem.
Ultimately, moving to a hybrid cloud lets you choose the best option for each workload so you can move data back and forth as your business requires.
Hybrid cloud is a balancing act
The advantage of public cloud platforms is that it can help you computing resources at the pace of business.
Moving to a hybrid cloud lets you spin up new resources quickly without spending a great deal of cash all at once because the public cloud provider has taken care of investing in the hardware and the staff necessary to manage it. This is especially beneficial for businesses with many locations that must all access the same data and applications, such as remote work endpoints.
Hybrid cloud also enables you to run legacy systems in parallel with âcloud firstâ IT initiatives and map out over the longer term how you might migrate older systems to the cloud. This allows you to be thoughtful about all the operational considerations that come with moving applications and data to the cloud, such as optimization, ongoing management, and security.
Moving to a hybrid cloud model reduces the amount of on-premise IT you must manage and maintain, but you still need people who understand the public cloud platforms youâve chosen. Not all platforms are the same, even if the workload is the same. Amazon Web Services and Microsoft Azure may differ in how they handle something as simple as a data backup function. Itâs important that you have in-house cloud skills while also consider partnering with a cloud services provider.
This is especially important when it comes to security because your IT team is still responsible for some elements of it, and it varies depending on the public cloud provider. Regardless of the platform, cloud security is a shared responsibility. You need to understand what aspects of security youâre responsible for configuring and what the public cloud provider is taking care of. Otherwise, you increase the potential for security incidents that result in data breaches, compliance failures, lost customers and lost revenue.
Improve how you do things
Moving to a hybrid cloud is also an opportunity to improve your business processes and how you do things day to day.
You wonât get the benefits of cloud applications, either in the public cloud or your own private cloud, if your migration plan doesnât reflect your strategic business goals. When you move data and applications off legacy IT, you need to look at how youâre going optimize your business functions; otherwise, youâre just replicating existing inefficiencies over to new technologies.
You only gain the efficiencies and cost effectiveness of the hybrid cloud if you spend smarter. Itâs not just about moving to the cloud, itâs about moving the right applications and data to the appropriate cloud. Your primary driver for moving to a hybrid cloud should be optimizing your business, and you still need to make a business case for it because it does require financial investment.
Even if youâre only now just looking at how to leverage the cloud for your business, an incremental approach in partnership with a cloud services provider can help you find the right mix public and private cloud and on-premises systems so you can get the benefits that come with moving to a hybrid cloud.
- January 28, 2021
- Catagory cloud computing
6 Cloud Computing Trends That Will Affect Every Business
The move to remote work nearly a year ago accelerated cloud computing trends that were already in play. With no quick return to offices expected in 2021, businesses of all sizes should plan to prioritize further cloud and Software-as-a-Service (SaaS) investments to support distributed workforces, while being mindful six key trends.
Cloud is enabling new ways of doing business
Moving to cloud computing or SaaS offerings isnât just about getting on the latest technology bandwagon or saving money on capital or operational expenses. The cloud enables organizations of all sizes to do business better to make employees more productive across many departments, including finance, human resources and marketing, no matter where they are located. Cloud computing and SaaS also level the playing field to allow smaller business to compete with large competitors.
Security is a critical differentiator
Even with all these productivity gains from cloud computing and SaaS, the move to remote work as heighted the need for robust security, so organizations need to set aside time, resources and attention on their security strategy as to prevent breaches and disruptions that might impede any newfound productivity or cost them revenue through lost customers who lose trust.
Not everything will be in the cloud
Even as cloud computing and SaaS continue to take off to support distributed remote workforces, hybrid environments that mix on-site computing, storage, and services with public cloud offerings from vendors such as Amazon Web Services (AWS) or Microsoft Azure will become the norm, and everything will need to work together in concert, securely. Different providers will need to work together to as they each get spooled up to meet the specific requirements of different lines of business within an organization.
A spring cleaning of all compute resources
Organizations will begin to realize not everything that got migrated to the cloud needed to be moved, so even as cloud computing adoption will continue to accelerate, itâs become clearer which workloads need to be in the cloud, and which ones should be winding down, including any outdated data that goes with them, to be even more efficient and get the best bang for the buck from their cloud spend.
Training across the board: Getting the most from cloud computing while keeping it secure will mean investments in training for IT staff as well as raising the cybersecurity awareness of workers across the board as to adequately safeguard organizations as the era of remote work continues. Both cloud providers and their customers will want to make sure theyâre providing both entry level knowledge of the cloud as well as creating advanced experts as a means to enable the business.
Consolidation of cloud providers
While itâs unlikely that an organization will want to put all their eggs in one basketânot all service providers are great at everythingâthey will want to keep the number of cloud computing environments and SaaS applications manageable. While larger enterprises will likely give most of the budget to the big players, smaller ones will likely want work with a local managed services provider that will prioritize their business and help the navigate all the emerging cloud computing deployment options and guide them on the necessary governance and security.
If 2020 was all about a mad scramble to support a remote workforce and iron out the kinks, then 2021 will be about looking to the future with new investment in cloud computing and SaaS offerings while building on the foundation that was put in place.