An increasing range of organizations is embarking on the ‘direct-to-cloud’ journey. This provides many advantages from a performance, operations and cost perspective because of the efficiencies achieved by remote and branch locations routing traffic differently.
There are a couple of more things to think about once considering direct-to-cloud connectivity: how it impacts cloud application usage and organizational security.
Impact of direct-to-cloud on business applications
Traditional environments have on-premises infrastructures to support most of the business applications. When we migrate from a central hub infrastructure, will that mean there’ll be inflated dependency on cloud applications?
Most likely, yes!
A larger percentage of new business services are going to be cloud-hosted to achieve the advantages that come with it like a mobile workforce that’s a lot of productive and competitive while on-the-go, reduced the cost of operations, scalability, business continuity, etc. Over time, even on-prem solutions can presumably have a migration path to the cloud.
What are the considerations for security within this new environment?
One of the most things we tend to hear from our discussions with organizations migrating business services to the cloud is around visibility. Historically, security groups had full visibility to the environment once services were hosted on-prem. Now they wonder about things like:
- Who is accessing the cloud service?
- When are they accessing it?
- Where are they accessing it from?
- How are they accessing it?
- What info are they accessing?
With a shared security responsibility model, the cloud becomes another attack surface in addition to the on-prem company environment. Think about this scenario: a worker using a personal device (BYOD) to access a sanctioned cloud service like Office365, can have access to the business data. However, the IT/IS team never sees that traffic hit the company infrastructure.
In a cloud environment, we also ought to consider compliance, which can be streamlined to keep the auditors happy. Some things to think about:
- How do on-prem policies reach the cloud?
- Do you need a central console for compliance policy management?
- Do you have the visibility to attain compliance within the cloud?
To achieve this, we need to alter the approach around security.
Thinking about security differently
Security in a cloud or hybrid environment doesn’t need to be complex. It simply needs us to think about it differently. We don’t have to dismiss the great things we’ve in place around on-prem security. however, we do have to be compelled to add cloud visibility and management to the combination. Cloud Access Security Broker (CASB) will offer the visibility and management for cloud applications that organizations are searching for. Gartner listed CASB as one of the ‘Top 10 Security projects for 2019’. Adding cloud protection or CASB to an existing on-prem environment doesn’t need to be done in a silo. On the contrary, it becomes simpler if done in an integrated manner. This will be done in multiple ways. If you have web security already in place, you’ll be able to augment it with cloud application security as an add-on. As an example, Forcepoint web Security comes with the power to add a cloud app management module to induce visibility and management over cloud applications in an integrated manner. If your organization is concentrated on data protection with a solution like DLP even it will be extended to the cloud to have unified policy management. No matter where you come from adding cloud security to it should be simple. No matter where you’re in the ‘direct-to-cloud” journey, the benefits of embracing a cloud/hybrid environment can remodel your business. It’ll bring larger productivity, lower cost thanks to infrastructure and operational efficiencies, scale back risk with frictionless security and additionally streamline compliance.
Download Free Forcepoint Resource
Get access to authentic content from one of the leading cyber security experts in the world from the Philippines’ premiere technology provider.