Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Zero Trust Training (ZTT)
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Membership
Join as an Organization
Enterprises
Solution Providers
Contact Us
Current Members
Initiatives & Partnerships
AI Safety Initiative
CxO Trust
Zero Trust Advancement Center
Trusted Cloud Providers
Trusted Cloud Consultant
Other Opportunities
Event Sponsorships
Join as Individual
Chapters
Circle Community Forum
Research Working Groups
Volunteer Opportunities
STAR Program
STAR Home
STAR Registry
Submit to Registry
Provide Feedback
Certified STAR Auditors
STAR Enabled Solutions
Stay compliant in the cloud
CCAK Training
STAR Lead Auditor Training
Training for Government Agencies
Governance, Risk & Compliance Tools
Cloud Controls Matrix (CCM)
Consensus Assessment Initiative Questionnaire (CAIQ)
EU Cloud Code of Conduct
STAR Level 1
At level one organizations submit a self-assessment.
View companies at level one
Learn about level one
STAR Level 2
At level two organizations earn a certification or third-party attestation.
View companies at level two
Learn about level two
Certificates & Training
Online Platform
Knowledge Center
CSA Exams
Events
Learn and network while you earn CPE credits.
Virtual Events & Webinars
Event Sponsorships
Certificates
Certificate of Cloud Security Knowledge (CCSK)
Certificate of Cloud Auditing Knowledge (CCAK)
Certificate of Competence in Zero Trust (CCZT)
Digital Badges
Trainings
Zero Trust Training (ZTT)
Cloud Infrastructure Security Training
STAR Lead Auditor Training
Advanced Cloud Security Practitioner (ACSP) Training
CCSK Train the Trainer
Training Network
Become an Instructor
Become a Training Partner
Specialized Training Options
Train my entire team
Training for Government Agencies
Research
CSA Research
Latest Research
Working Groups
Open Peer Reviews
Research Topics
Strategic Initiatives
AI Safety Initiative
Zero Trust Advancement Center
CxO Trust
Trusted Cloud Consultant
FinCloud Security
Thought Leadership
CloudBytes Webinars
Blog
Getting Started with CSA Research
Cloud security best practices
Assess your cloud compliance
Security questionnaire for vendors
Top threats to cloud computing
Awards & Recognition
Juanita Koilpillai Awards
Research Fellows
Critical Topics
AI Safety Initiative
AI Technology and Risk
AI Governance & Compliance
AI Controls
AI Organizational Responsibilities
Enterprise Architecture
Blockchain
Zero Trust
DevSecOps
Top Threats
Cloud 101CircleEventsBlog
Register for CSA’s free Virtual Cloud Trust Summit to tackle enterprise challenges in cloud assurance.

Why Do I Need a Next-Gen Secure Web Gateway?

Home
Industry Insights
Why Do I Need a Next-Gen Secure Web Gateway?

Blog Article Published: 12/16/2022

Originally published by Lookout.

Written by Stephen Banda, Senior Manager, Security Solutions, Lookout.

The internet is now your default corporate network. This has some major perks — it means that your employees can access whatever they need from wherever they need it.

But using the internet like this has also made your organization's security posture more complex. People are using networks and devices your IT doesn't manage, and they are accessing data that is scattered across countless apps. And you can’t forget the prevalence of internet-based threats like phishing, which can steal credentials and deliver malware.

To keep data protected while still providing seamless access to employees, organizations are now moving to a zero-trust strategy, which asks users and devices to prove that they are trustworthy rather than assuming that they are. A true zero-trust approach requires security solutions that work together, and a key piece of this puzzle is a secure web gateway (SWG).

Traditionally, SWG is a piece of hardware that sits at the edge of your corporate perimeter to monitor web traffic as users connect to the internet. But now, nearly all connections happen via the internet. And because your data now resides in the cloud, there’s no point in redirecting traffic back inside your corporate perimeter to be filtered. Not only does this create a poor user experience, but the traditional SWG lacks visibility into any traffic that isn’t forced back on premises.

To support the way your organization now operates, you need a modern, cloud-based SWG that matches the way you work.

With greater flexibility comes greater risk

It used to be that the internet was only an occasional destination for employees. That, combined with the fact that most users and devices were located inside a corporate office, meant that a physical piece of SWG hardware could do the job of inspecting web traffic just fine.

But now, your employees are working from anywhere, and they’re using the internet to access the things they need. While the flexibility of being able to work from anywhere and on any device makes your users more productive, it also introduces new risks. Your corporate data could be leaked via employees’ personal web apps, social media, and more, and the constant exposure puts you at a higher risk for phishing attacks and other internet-based threats. This means a physical piece of hardware simply can’t protect against the volume and variety of internet-based threats.

A traditional hub-and-spoke approach to monitoring web traffic is also unnecessarily complex, leading to a poor end-user experience, which in turn puts a damper on productivity. Your organization needs a tool that allows you to enforce acceptable use and restrict access to websites based on corporate policies, even when employees aren’t in the office.

Security doesn’t stop with SWG

To find the right SWG solution, organizations need to think beyond product. Finding a cloud-delivered SWG rather than a piece of physical hardware is a good start, but it shouldn't be your only criteria. Instead, you need the ability to efficiently enforce policies across your entire organization — whether your employees are working on the internet, in cloud apps, or in private apps.

In order to protect corporate data and enforce governance, your organization needs full visibility and the ability to enforce granular controls. This starts with tools like URL filtering and malware detection, but that’s not where it stops. Because it’s so easy for employees to use web apps — even when they’re unsanctioned — you also need to be able to automatically detect shadow IT and enforce data protection policies.

But a cloud-based SWG should only be one part of a well-rounded security solution that also includes a cloud access security broker (CASB) and zero trust network access (ZTNA). Working together as part of a unified security service edge (SSE) solution, these tools will extend your security protections from internet traffic to cloud apps and private apps, as well.

Zero Trust

Share this content on your favorite social network today!

Latest from CSA
Join AT&T Cybersecurity in Chicago
The State of AI and Security Survey Report
CSA's STAR: The Key to Cloud Security & Compliance
Trending This Week
#1 The 5 SOC 2 Trust Services Criteria Explained
#2 What You Need to Know About the Daixin Team Ransomware Group
#3 Mitigating Security Risks in Retrieval Augmented Generation (RAG) LLM Applications
#4 Cybersecurity 101: 10 Types of Cyber Attacks to Know
#5 Detecting and Mitigating NTLM Relay Attacks Targeting Microsoft Domain Controllers
Secure your cloud data with Zero Trust Training
Related Articles:
What’s in a Name? Defining Zero Trust for Leaders

Published: 04/22/2024

Implementing a Data-Centric Approach to Security

Published: 04/19/2024

7 Common Causes of Data Breach: Safeguarding Your Digital Assets

Published: 04/18/2024

Protocols are Passé. APIs are Key for Effective Zero Trust Implementation.

Published: 04/12/2024