How To Secure Your Business From the Endpoint to the Cloud

Are you overlooking the most common security risks?

May 8, 2023

It is a critical time for enterprises to reevaluate their current cloud security strategy to ensure the safety and security of confidential data during digital transformation, warns Aaron Cockerill, chief strategy officer at Lookout.

Over the last few years, organizations have made significant progress with their digital transformation journeys by rapidly adopting cloud services and introducing bring-your-own-device (BYOD) policies to enhance user collaboration and productivity from any working location. However, this new style of working has made it difficult for enterprises to locate where their physical data resides within the IT infrastructure. 

Previously, data was stored behind a firewall to give security teams complete control. However, the transition to the cloud has forced them to change their approach to how they manage and protect their data. The expanding usage of SaaS apps, legacy tools and BYODs within today’s modern enterprises has made it highly challenging for security teams to keep track of their data, consequently hindering their ability to control and secure it from adversarial attacks. 

While some organizations assume that the solution to the issue lies in forcing their employees back into the office, they fail to acknowledge that this course of action not only hinders productivity but is also ineffective in tackling cloud-based threats. 

1. Moving Away From VPNs 

Enterprises have relied on virtual private networks (VPNs) for decades to secure remote end users. Yet the growing risks prompted by the rapid adoption of cloud services and the introduction of new technologies within organizations have made VPNs increasingly obsolete and ineffective at doing so. VPNs were initially designed to support only a small number of remote users, enabling the occasional employee working outside the office to connect to the network perimeter. However, VPNs are now under constant strain due to the acceleration of remote working, which has disrupted the flow of network traffic and diminished the productivity benefits of using apps within the cloud.

Additionally, VPNs are insecure because they can expose entire networks to threats such as malware, DDoS and spoofing attacks. As a result, once an attacker has gotten past the network perimeter through a compromised device, they can move laterally through the entire system and have the means to bring the network down. While many organizations are familiar with the risks associated with the use of VPNs, eliminating them altogether would result in the loss of legacy security tools such as data loss prevention (DLP). Therefore, modern enterprises need to consider moving beyond the confines of VPN connections for remote users and adopt a more modern approach to DLP and remote access, so that users can work safely and securely from any location.

2. Managing Devices With Risks 

Future cyberattacks will focus on vulnerabilities created by impersonation, moving away from traditional methods of targeting enterprises with malicious code. Threat actors are altering their tactics to perform more sophisticated attacks that are harder to detect within the system. For instance, rather than deploying easily detected malware into enterprise systems, hackers may decide to invest in compromised credentials from the Dark Web or use other sophisticated attack methods to trick users into sharing their information.

The advancement of adversarial attacks has put the organization’s endpoints, both managed and unmanaged, at risk. Yet many organizations still depend heavily on the mindset of “we manage this device, so we trust it.” Their failure to acknowledge that managed devices are still at risk is concerning, because management only enforces basic measures that don’t provide any visibility into the risk level of the device, leaving it vulnerable to attacks.

This belief is self-limiting for organizations, especially when a user accidentally clicks on a phishing text or downloads confidential corporate documents, as the repercussions of these instances could jeopardize the safety of critical data. Instead, enterprises need to eradicate the preconceived notion that all devices are at low risk by continuously authenticating users and devices, especially given the proliferation of BYOD programs.

3. The Complexity of SaaS Apps 

The onboarding of SaaS apps within modern enterprises is becoming more popular because they improve accessibility and operational management and are cost-effective. However, the downside to having these applications is that they can introduce security risks that are often overlooked due to the complex nature of their design. While on-premises applications previously enabled enterprises to set access controls and privileges centrally using tools such as Active Directory Group Policy, cloud environments do not offer standardized policy administration.

Every SaaS app requires a different set of operational controls, and when several are in use, it’s often difficult for security teams to keep track of where sensitive data resides and who can access it. Consequently, this could lead to a data breach. Therefore, enterprises may need to consider recruiting SaaS app experts to monitor each individual app and enforce set authorization rules consistently to protect sensitive data in the cloud. While this suggested method may be the most realistic way to handle security, it highlights the reason SaaS app misconfiguration creates a high risk of breaches.

Taking a Data-centric Approach for Endpoint-to-cloud Security

One of the most important steps modern enterprises can take in transitioning to the cloud, besides eliminating legacy tools like VPNs and on-premises DLP, is to plan their cloud security strategy. Ideally, enterprises would benefit greatly from investing in cloud-based tools like zero trust network access (ZTNA) and cloud access security brokers (CASB), which enable them to monitor their data and secure their cloud apps without the risk scenarios of cloud misconfiguration and credential theft.

Both solutions are a better alternative to sending traffic back to the perimeter and hindering user productivity or forcing employees back into the office. Additionally, combining ZTNA and CASB with cloud-based data protection capabilities and endpoint security enables enterprises to continuously monitor the level of risks posed by all the devices interacting with company data. This allows enterprises to build a robust security environment within the cloud to encourage user productivity from any location while keeping critical enterprise data safe and secure. 

Aaron Cockerill
Aaron joined Lookout with nearly 20 years of software product management experience. As the Chief Strategy Officer, Aaron is responsible for developing, validating and implementing cross-functional strategic product initiatives that align with the Lookout vision of a secure connected world. Most recently, he served as VP of Mobile Technologies at Citrix, where he and his team were responsible for the development of Citrix’s mobile apps and container technology, while driving the acquisition of Zenprise. Prior to working on mobile technologies, Aaron drove the creation of Citrix’s desktop virtualization product, XenDesktop, which grew into more than $1 billion yearly revenue for Citrix during his five years of leadership. Before joining Citrix, Aaron worked for Akamai leading product management on their enterprise content delivery solution as well as working on the development and deployment of many of Akamai’s advanced content delivery networking technologies. Prior to that, Aaron led product management for OneSoft’s e-commerce system, and he held multiple positions at BHP Billiton in Australia. He holds a BE Materials (Honors) from Wollongong University, Australia.