Look for a service that offers tools to secure your cloud apps and data in transit. This includes network protection, encryption at rest, and a password policy that enforces best practices.
CASBs are fast becoming a core tool for implementing cloud security best practices.
Security Policy Management
Cloud-delivered security solutions offer centralized management, scalability, and agility based on usage, with pricing typically based on subscriptions that can be scaled up or down at will. They also provide:
- A fully integrated security stack.
- Minimizing disparate tooling and vendor sprawl and offering a single control point for cloud workload protection.
- Posture management and CASB technologies.
The best cloud-delivered security solution providers will have the ability to implement security protocols that separate users and prevent one user’s activity from affecting the applications, data, or systems of another. They should also be able to scan, report, and remediate configuration issues in multiple deployment environments (public, private, or hybrid).
A comprehensive security cloud-delivered solution, like what is SASE is doing, should uphold the Shared Responsibility Model and maintain Zero Trust policies across all of the pillars of cloud security: Access control, network security, virtual server compliance, and workload and data protection. It should protect users wherever they are and for every application — including on-premises and SaaS apps and the Internet — without compromising the employee experience or slowing productivity.
Lastly, look for a solution to support cloud service discovery and risk assessment of thousands of SaaS applications using published APIs, inline decoding of unpublished APIs, threat intelligence, and machine learning algorithms. Then use that insight to granularly configure security policy at the application, subnet, and gateway level.
Keeping an eye on your cloud infrastructure is vital to any cloud security solution. This is particularly true given the recent shift to remote working practices and users accessing cloud services through devices their organization does not own.
As a result, the number of cyberattacks targeting cloud platforms continues to rise, with 32% of businesses reporting a data breach or loss in 2019. Having robust monitoring capabilities is vital.
A CASB will monitor your cloud environment, identifying and blocking threats in real-time. They can also detect sensitive data within your cloud applications, alerting you to potential issues resulting from insider attacks such as rogue employees or privileged accounts and highlighting gaps in your compliance posture.
Finally, a CASB will ensure your cloud services are secure, protecting against unauthorized APIs that offer unauthorized access to your infrastructure. These are typically exposed to the outside world through insecure web interfaces, as exemplified by the Cambridge Analytica Scandal, and they can be used to hijack services and steal data or cause disruption.
A CASB will be able to identify these risks and provide granular visibility into your cloud environments via detailed metrics, logs, and traces. The vendor-backed observability data enables you to detect and investigate security threats across dynamic, complex cloud environments.
Data Loss Prevention
The threat of data loss is a serious concern for all organizations. Attacks that involve the theft or modification of sensitive information are more frequent than ever, and small businesses are especially vulnerable to the consequences of such attacks.
The good news is that effective data loss prevention (DLP) can prevent many of these attacks. DLP products can identify confidential and critical information and prevent unauthorized individuals from sending this information outside the corporate network. This will prevent data breaches and limit the impact of data loss incidents.
Another essential feature is to look for cloud security solutions that protect end-user devices. This is particularly crucial with the increased remote working and the growing use of mobile devices to access business apps and data. Look for solutions that offer advanced client-side protection that prevents users from downloading malicious applications, exploiting unpatched software vulnerabilities, or transferring files to insecure locations.
You should also ensure that your security solution provider offers encryption for data in transit and at rest. This will help to ensure that only authorized individuals can access the information and that it is impossible for anyone to change or delete the data. Also, look for a provider that only allows authentication through secure channels like HTTPS. Avoid services enabling authentication over email or telephone, which hackers could intercept.
Identity and Access Management
Identity and access management (IAM) is a critical discipline within cybersecurity to ensure that only the right people can access applications, systems, and data. The goal is to empower business users and teams by granting them access based on group- or role-based permissions. This enables the enterprise to manage access for employees, contractors, partners, customers, and even third-party automation tools such as bots and micro-services. It also reduces IT team workloads and allows them to focus on more non-automated projects requiring their expertise.
An effective cloud-delivered security solution provider will provide an IAM service that integrates with your existing identity directories, such as Active Directory (AD), or offer their in-built system. They should support multiple methods for user authentication, ranging from multi-factor to biometrics. They will offer IAM services to quickly provision and de-provision access, ensuring that credentials are only active temporarily.
Finally, the cloud security solutions provider should offer advanced physical protection of the hardware housed in their data centers. This includes controlled direct access, uninterrupted power supplies, CCTV, alarms, and air and particle filtration. The service provider should have a rigorous and transparent background screening process for their personnel, conforming to your country’s locally established standards. This is especially important in light of GDPR and other government and industry regulations.