Six Key Characteristics of a Modern Secure Web Gateway

This blog was originally published by Bitglass here.

As we head into the second quarter of 2021 and mark a full year of remote work for many organizations, it is clear that the COVID-19 pandemic has accelerated digital transformation globally and changed the future of work — likely permanently. A recent Harvard Business School Online survey showed that the vast majority (81%) of employees want to continue remote work even after the pandemic, with many reporting improved productivity while working from home.

In order for organizations to continue to thrive in a distributed work environment, they must ensure that security is also modernized to appropriately support new realities. This means making certain that key security solutions like secure web gateways (SWGs) are able to overcome the challenges associated with today’s workforce.

For those in the market for a new SWG, we’ve summarized the six key factors to look for in a modern solution.

1. Architecture capable of supporting cloud-centric remote work

The most important factor when considering an SWG is architecture. Today’s workforce expects highly available solutions with low latency regardless of location. This is doubly important with global or remote employees who may be using residential internet. Any solution that adds additional latency through on-premises appliances, traffic backhauling to cloud proxies, or additional network hops is not scalable in modern business environments. An effective, modern SWG should be installed at the edge, directly on users’ devices, to support user productivity, business continuity, and security.

2. Real-time threat protection

We’ve discussed the important role SWGs play in stopping advanced threats before, and the stakes are even higher when a considerable part of your workforce is beyond the protection of corporate firewalls and cannot simply walk up to a security help-desk to ask for assistance. With new cyberattacks reported daily, effective SWGs need to be able to block access to malicious sites and prevent downloads of malicious content in real time. This means they cannot rely solely on signature-based detections that will miss zero-day threats and must use behavior-based detection technologies, instead.

3. Robust data loss prevention (DLP) capabilities

As users generate more and more data, there is greater risk for data loss, whether accidental or otherwise. Modern SWGs need to be able to support advanced DLP use cases, such as those that require the use of advanced regex or exact data match, to prevent unwanted data loss through web uploads. Leakage must be prevented before it happens, not responded to after the fact through reactive alerts.

4. Unmanaged application control

With increased app usage as well as increases in the numbers of locations and devices they are used in, unmanaged application control is critical. However, blocking an app should not be the only option. Ideal SWGs provide granularity and flexibility in application control, allowing users to be productive while ensuring security and adherence to corporate policies. Look for dynamic coaching and machine learning capabilities which can render shadow IT read only to control unmanaged apps and enable compliance.

5. Granular visibility and and reporting

With 61% of organizations already lacking unified visibility across IT ecosystems, widespread remote work only exacerbates the problem. SWGs need to be able to clearly report who is accessing what across all user devices, regardless of physical location or network used. The SWG’s reporting capabilities also need to serve the dual purposes of validating security policies as well as showing regulatory compliance in audits.

6. Part of a comprehensive SASE offering

Along with cloud access security brokers (CASBs) and zero trust network access (ZTNA), SWGs make up a key pillar of secure access service edge (SASE) architectures. Consequently, as organizations move to adopt SASE, ensuring a chosen SWG is part of a comprehensive SASE offering will simultaneously ensure total cloud security and future-proof investments.