Five Steps Towards Building a Better Data Security Strategy
Originally published by Lookout.
Written by Sundaram Lakshmanan, CTO of SASE Products, Lookout.
In the past, when organizations had a new security need, they would meet that need by purchasing a new security product. But that approach is how we ended up with an average of 76 security tools per enterprise, according to a 2021 survey from Panaseer.
You may have a lot of tools, but that doesn’t mean your information is protected. This patchwork of products makes it harder for your IT team to maintain full visibility and control over your data; they end up bogged down managing multiple consoles instead of getting ahead of potential problems.
This creates new security risks, not just to users and applications, but also to your sensitive data. As a result, conventional security products don’t have the visibility needed to handle threats to sensitive data.
But it doesn’t have to be this way. A unified edge security platform can give you the visibility and control you need to create a modern and efficient architecture for protecting users, applications and data.
Perimeter-based security calls for point products, and that legacy strategy has unfortunately bled into the way we think about cloud security. Instead, organizations need to work to modernize IT infrastructure by embracing a comprehensive, unified platform that enables them to make intelligent Zero Trust decisions and protect data.
Here are four steps to building a more effective and efficient security strategy:
With cloud services and a hybrid workforce, your employees can now access corporate resources from any endpoints, including unmanaged personal mobile devices. But this means threats like vulnerabilities, phishing attacks or risky networks get introduced. To make sure that your data is protected, your data access policies need the ability to check the security posture of your endpoints so you can effectively detect and respond to any threats that arise.
User behavior and endpoints are always changing — and so are their risk levels. To keep up, you need a security solution that can continuously assess those risks and regulate user and endpoint access accordingly. This level of assessment means you can dynamically enforce security policies — an endpoint that connects to unsecured Wi-Fi will face milder security limitations than a user trying to exfiltrate large amounts of sensitive data.
Apps that run in data centers or private clouds need the same dynamic access as cloud apps. In the past, organizations have used virtual private networks (VPN) and identity and access management (IAM) to act as gatekeepers, but those allow anyone who has passed authentication to move freely within the entire network. Rather than relying solely on VPN and IAM, a unified platform can give you insight into user and endpoint risk postures, and data sensitivity risks, ensuring that data in your private apps is secure.
The internet has essentially replaced your secure corporate network deployed inside physical perimeters. To protect your data from internet-based threats, you need the ability to monitor all web traffic and intercept malicious content before it reaches your network or devices. An integrated solution will have inline controls to analyze internet traffic and a threat intelligence engine that stays up-to-date with the latest threats. You should also be able to use it to enforce corporate acceptable use policies and compliance requirements, as well as to block users from accessing potentially malicious URLs and IP addresses.
Your employees and partners are likely using cloud apps that you don't own, but these unsanctioned apps — sometimes known as "shadow IT" — may frequently handle sensitive information. In order to keep that data protected, you need to be able to identify shadow IT, monitor its usage and enforce security controls. An inline proxy can give you the same sort of visibility and control over shadow IT as you have over your own cloud and private apps.
Whether your employees are in the office, on the road or working from home, by continuously keeping tabs on users, endpoints and data access, you can create a seamless Zero Trust environment. This granular assessment means that workers are granted the access that is appropriate for their needs, which means you don’t necessarily expose your sensitive data.
Separate products mean you don’t have a full picture of what’s going on. Instead, you have to rely on your security team to put the puzzle pieces together — a time-consuming task with plenty of room for human error. And because you have limited visibility into cloud apps and employees’ personal devices, a hybrid workforce puts you in an even riskier security position.
On the other hand, a unified solution consolidates all your intelligence and policy frameworks, ensuring that you can focus on enabling your users with the resources they need. With continuous assessments of what's happening with all your endpoints and apps, as well as the sensitivity level of your data, your security team can create more effective security policies that let you enforce intelligent Zero Trust access without hindering the productivity of your hybrid workforce.