Cloud-based Security In The Digitisation Era Is About More Than Just Tools


The region’s innovators would agree — life in the cloud is better. Better for productivity, better for costs, better for flexible working.

During the past two years, it has enabled operational continuity and the introduction of new business models; it has kept teams connected and produced unique and scalable customer experiences.

But as all business stakeholders must surely be aware, the cloud brings many security concerns. Enterprises that migrated to the cloud soon discovered that dealing with unmanaged endpoints and third-party networks required a rethink of the legacy security mindset. Currently, many security tools, even ones delivered from the cloud, are designed to solve a single issue, which means they operate in silos. This is an ineffective strategy when it comes to the cloud. With data sprawled across countless cloud apps and users connecting from anywhere, organisations need unobstructed visibility to protect sensitive data while enabling remote access.

To do so, organisations need the same capabilities they had on-premises — visibility and control over users, endpoints and data w but across multi-cloud environments. Security professionals need a single place to write policies that provide dynamic data access, leveraging telemetry into the risk levels n of users, endpoints and the nature of the data itself.

The cloudy perimeter

Legacy security tools perform their specialised tasks with acceptable efficacy because they deal with an environment where everything sits inside a defined perimeter. The cloud splintered this environment and scattered them across third-party infrastructures and private dwellings. Users now work from where they happen to be. Visibility and control have all but vanished. And silos, in terms of data and applications and teams, have become unsustainable, especially as the cybersecurity skills gap persists.

Holes in security postures are everywhere, and each presents a separate challenge to be addressed. Take the example of the virtual private network (VPN). These remote tools, with bolted-on security, only enforce that security at the time of access and provide necessary infrastructure-wide access. If a user account has already been compromised, the VPN will not help. If the remote employee’s laptop runs an OS or application with a critical vulnerability, the VPN will not help. Moreover, the risk levels of users and endpoints change frequently, something VPN cannot detect or keep up with.

Security in the era of hybrid work needs to be more rounded. Data-loss prevention (DLP) can help to penetrate the complexity and build a comprehensive view of all the data owned by the organisation. To do so, DLP needs to be a built-in capability across all your security solutions, whether it’s endpoint security or secure access to cloud apps, private apps and web usage. This enables organizations to efficiently make access decisions that look at both data sensitivity and the risk levels of users and endpoints.

Cloud-born, cloud-raised

Cloud-native security empowers decision-makers in a single place to formulate and enforce policy across users, endpoints and networks in a way that doesn’t impact productivity. Ideally, the cloud platform will allow watermarking, redaction of keywords, restricting downloads, and encrypting all data, whether at rest or in transit. Encryption should also account for sensitivity levels to protect even the most proprietary and regulated data when shared externally.

Implementing the ideal cloud security solution involves more than just technology procurement. Legacy business processes and outdated organisational structures will also need some attention. In many enterprises, there are teams for information security, which are separate from ones for network security, endpoint security, and so on. This can lead to a lack of coherent vision in enterprise security. Each of these teams has its processes, which lead to varying operational speeds and productivity levels. As a result, digitally transforming the security function may be problematic without first addressing these silos.

Then there is the issue of the varying speeds at which core business functions transform. For example, sales and marketing teams traditionally adopt cloud services before, say, finance or human resources. The newly homogenised security team will need to be integral to each project to determine how to secure disparate environments spread across data centres and cloud services.

Far-reaching changes

To secure digital transformation, organisations need to think beyond the tools they purchase. With data spread across countless apps and users connecting from anywhere, the traditional, perimeter-based system that relies on specialisation and silos must be eliminated.

Security solutions must integrate completely, and different teams within an organisation must also work together. It’s only with a unified approach can you ensure that Zero Trust both protects data as well as enables productivity. The cloud has provided limitless potential in all aspects of business operations. Security needs to catch up for organisations to tap into those.

If you liked reading this, you might like our other stories
Can Cognitive AI Inspire Future Model Development?  
The AI and Data-Driven BFSI Future