Your on-premise data might be secure, but how does your Cloud security measure up? Implementing lock-down methods for both is key to ensure your data remains safe.
If your Cloud Security is presenting challenges within your IT department, now is the time to take action. With Cloud technologies evolving every day, the cyber arms race is well and truly underway. Do you have the capability in-house to square up to cyber threats to your Cloud data? Secure your Cloud Apps such as Office 365 and be confident that your data is as safe in the Cloud as it is on-premise.
At CST, we offer many solutions and services to help you embrace the Cloud to provide complete security confidence. We understand that there is a sea of vendors in the marketplace offering many different products, but which is the best for your business?
Kick-start your Cloud security strategy today with our top 5 tips to safeguarding your Cloud data:
Understand the security and availability SLAs of the Cloud App. Where the data will reside, and what happens to your business if the Cloud vendor fails. Asses the risk based on a worst-case scenario. Moreover, if the risk is too high, look at 3rd party cloud plugins that can eliminate dependencies, or provide additional safeguards, such as:
Whatever strategy your business adheres to for securing your Cloud data, at CST, we find the common challenges our customers face fall under the following categories:
Securing Cloud Applications (Apps).
Cloud Apps such as 0ffice 365, Sales Force, Dropbox, etc are there to make work more efficient and reduce on-premise support burdens. The challenge, though, is to protect a Service that is outside of your hosting control, accessible from just about any location or device and typically by default has its native security controls and policies set at their lowest protection level. So - designed to aid easy usage, simple adoption and mass consumption. All of which do not go hand in hand with a strong Data protection or Cyber Security objective. Below are some complementary solutions and services to raise the security level of Cloud Apps
Symantec Email cloud
Ideal for clients adopting O365 or indeed any other email Cloud app. The service works seamlessly with O365 to ensure email threats such as malware, spam, phishing and malicious URL links are removed from the O365 communication stream.
Symantec CASB
A solution that gives you centralised access and data protection control of Cloud Apps. Cloud App adoption can sometimes be sporadic, such as an isolated Finance Dept using a new payroll Cloud App, or strategic with a “Cloud First for all” with Cloud Apps being used for every possible business function. Either way, Symantec’s CASB ensures that:
CST’s O365 Security Assessment Service
Microsoft approached us in 2018 to adopt their security competency. They found that customers of O365 do not tend to use all the security features and functions available to them. Sometime the first time an O365 customer becomes aware of a security feature is after they suffer a breach and the subsequent review unearths policies that were never tweaked, or a feature wasn’t enabled. O365 comes with some powerful security controls, however by default these are not enabled, or the configuration is at low protection state. Our service is based on Microsoft’s security methodology and security tools. The service will appeal to those considering O365 and how to adopt in a secure and safe sate, or to those using O365 who never got around to undertaking as much due diligence as they would have preferred.
Securing Cloud Infrastructure:
Cloud infrastructure rental, such as with Azure, AWS etc, does not typically include security protection as standard and you will need to safeguard against the usual threats that would target on-premise platforms. Threats can include viruses, targeted attacks and exploitable conditions. You also need to consider that the ease of which a Cloud platform can be spun up and in-production makes for an insecure state; for example - from development to operational can now happen at the flick of a switch, and hence standards, builds and approved configuration usage can quickly become surpassed. Lastly, just with on-premise security, the privileges of administration requires formal management, as it not uncommon for too many users having privileges beyond what is needed when Cloud infrastructure is utilised. Below are a few solutions that can address Cloud infrastructure security.
Symantec CASB
See above for benefits of deploying Symantec’s CASB Service.
DCS:SA for Workspace
Symantec Data Centre Security (SDCS) is designed to protect and control any, and all actions that can be performed on your infrastructure systems and platforms. Locking down approved applications and OS functions, along with safeguarding against zero-day threats and vulnerability compromise. Lastly, DCS-SA can control who can spin-up Cloud platforms and enforce approved build and configuration state.
Opinion & Resources
Download the white paper by Osterman Research on why your company needs third-party security solutions for Office 365 here.
Our experienced Sales Team are fully equipped to advise on the most effective solutions for your business that will ensure your Cloud data is impenetrable whilst offering a return on your investment.
Nigel Lewis