Effective security requires an organization to know where its data resides and how it’s being used, especially when that data is migrated to the cloud. When you lose sight of these factors, you lose control of security.
A company I work with recently encountered a situation that highlights the importance of this issue. The company uses Microsoft OneDrive for file sharing as their standard platform, but found that some of its users were moving sensitive financial data to other cloud services. This violation of policy not only potentially put the data at risk but also threatened the company’s compliance with data regulations for its industry. The company implemented a cloud access security broker solution to improve control of its cloud data. A CASB monitors an organization’s cloud activity and enforces security policies.
This situation represents one of the more important security trends I think we’ll see in 2019. In addition to cloud security, we’ll see wider adoption of privileged access management for endpoints and a greater need for endpoint security and network visibility.
1. The Need to Secure Cloud Workloads
As the company I mentioned illustrates, cloud security is a critical issue for many organizations. Indeed, a report from Palo Alto Networks last year found that nine out of ten cybersecurity professionals expressed concern about cloud security.
Organizations are no longer merely plucking the low-hanging fruit of cloud migration, moving email systems to cloud services such as Microsoft Office 365 or Google’s Gmail. Many are pursuing migrations to Infrastructure as a Service and Platform as a Service in complex hybrid environments.
In such a complicated world, IT leaders need total visibility into the specific data and workloads they have in each cloud, and they must have control of who is using each cloud platform. In the absence of this visibility and control, organizations may risk the integrity of their data, face downtime and hamper access to the data users need to work effectively.
A CASB is an excellent option for IT teams to secure their cloud workloads. Organizations also should consider tools such as single sign-on and access control solutions.
2. Better Management of Privileged Access
Many organizations allow users to have administrator access to their endpoint devices, such as laptops or desktop PCs, a move that offers convenience and control to the person who handles the device most often — the user. But this policy comes with a serious risk: If a cybercriminal gains access to the device, he or she has full admin privileges as well, enabling them to cause far more damage than they could do otherwise.
Privileged access management solutions can help organizations reduce their security risks by minimizing the attack surface. These solutions control access across shared accounts and multiple platforms while offering access only to resources for which users are authorized. They also enable IT teams to secure remote access and audit sessions involving privileged access.
3. Securing Endpoints and Boosting Network Visibility
The vast growth of IT environments in recent decades has greatly increased the security challenges that organizations face by increasing the attack surface. Back when nearly every user accessed an enterprise network from a desktop in an organization’s office building, security was much simpler than it is today. Now, organizations must be able to monitor remote workers, control third-party access and secure IT resources for telework.
Endpoint security and network visibility solutions provide the capabilities organizations need to reduce the threat level, even in dispersed IT environments. These solutions simplify and automate patch management, monitor data traffic and user activity and provide valuable security controls. Many vendors offer these tools via cloud delivery, which reduces infrastructure costs and minimizes demands on in-house IT staff.
Taking heed of these three trends can help organizations improve their security posture as they face the threats that 2019 will bring.
This blog post brought to you by: