The old approach of guarding the network and erecting perimeter defences no longer holds true in a rapidly evolving digital world driven by cloud and mobility. As organizations move an increasing proportion of IT capability out of their own data centers and into cloud services, the challenge of security is ever-present.
According to a survey conducted by Osterman Research, 92 percent of organizations store at least some of their sensitive data in the cloud-based services like Salesforce, Office 365, and Dropbox, etc. In this increasing complexity, organisations face stiff challenges when choosing, planning for and deploying security solutions in the cloud.
“Traditional, perimeter-focused security models that sufficed for an on-premises world are no longer effective in a cloud-centric reality,” says Sam Ghebranious, who heads up cybersecurity organisation Forcepoint in Australia and New Zealand.
“IT decision-makers must address new and innovative ways of protecting their corporate data that now resides on-premises, on mobile devices, and in the cloud,” adds Ghebranious.
The litany of security challenges in this new era of cloud-only, hybrid cloud and on-premises delivery models makes it essential that organizations undertake a proactive re-evaluation of their security posture and strategy.
With insider threats becoming more prevalent, it's more important than ever for organisations to understand human behaviour and how staff interact with company data.
This allows organisations to take a human-centric approach to threat prevention based on that information.
A report by Osterman Research, sponsored by Forcepoint, compares the advantages and disadvantages of using different approaches to securing a company's cloud data.
Below are the two approaches recommended in the report, and the pros and cons of each.Two approaches
The two general approaches to addressing whichever pattern is most relevant are integrating best-of-breed products to create a unified security posture or using a unified solution that delivers an integrated best-in-class security posture.
Osterman Research says both of these approaches have advantages and disadvantages.Approach 1: Integrate multiple products
Integrating multiple products is based on the idea that different vendors have different strengths, and that one vendor is unlikely to offer a complete suite of defensive tools.
Organisations proceeding down this path take on-board the responsibility to identify, provision, and integrate the right mix of products to address current and emerging threats.
- Advantage: Organisations can create a tailored security environment that is responsive to the specific threats they are experiencing, using the best-in-class products available to address specific challenges.
- Disadvantage: Acquiring and managing multiple security products is generally a more expensive route compared with buying a unified solution. It comes with the responsibility to manage the complexities of multiple disparate products, such as working with different security interfaces.
- Disadvantage: The capabilities of products from different vendors can diverge over time, undermining an integration story that made sense on day one with the realities of vendors responding to different opportunities in a dynamic market. When one vendor upgrades its security capabilities, and these are dependent on another security vendor that is putting fewer engineering resources into its products, the degraded interlinked dependencies can cause a weakened posture.
- Disadvantage: Organisations going down the integration path need to ensure they have sufficiently well-trained IT security professionals to manage a diverse array of security capabilities. With cybersecurity specialists being difficult to find and expensive as a consequence, the war for talent can render it difficult to find and retain the right people.
Vendors developing a unified security solution attempt to create a wide-ranging offering with as many separate capabilities as well integrated as possible, with usage and management coherency across the different modules and subsystems.
A single pane of glass approach can manage all of the available capabilities, as opposed to having separate and different management interfaces.
- Advantage: While security is an organisational responsibility for many customers, it is a core competency for very few. Coordinating the integration of multiple security products is a conceptually challenging task, with many technical complexities. Acquiring a unified security solution allows an organisation to leverage vendors where security is the core competency.
- Advantage: Vendors often have greater weight in the war for talent, being able to attract top cybersecurity talent with remuneration schemes and challenging and complex work tasks that surpass what any one organisation can deliver. Working with a vendor offering a unified solution gives organisations an indirect way of gaining access to that same talent.
- Advantage: Increasingly, unified security offerings allow subscription to various defences independently, allowing replacement of existing on-premises vendors at staggered renewal times, supporting a smooth transition from multiple products to a unified security posture. This is applicable to UTM vendors that force switching to everything at once. For example, if an organisation's web security is up for renewal and decision makers are looking at replacements, it may be necessary to replace other parts of the defence even if there is still remaining time on those subscriptions.
- Disadvantage: New entrant vendors generally bring new security products to market faster than large and established security vendors can update their unified offerings. This means that new and emerging threats may be better addressed by a new point solution, giving faster protection to organisational networks, applications, data and people in some situations. It must be noted, however, that while employing these point vendors may offer a short-term advantage, it may not be the best long-term strategy.
Organisations that are able to use fewer security products that individually offer more capability are likely to have a lower total cost of ownership and a higher overall level of security.
Fewer, separate products mean lower coordination and configuration costs both initially and over time, a unified end-to-end security solution is likely to provide the best coverage against current, new and emerging threats.
The threatscape is expanding as organisations are migrating more and more of their data and IT functionality to the cloud.
These trends are creating a situation in which the old security models no longer work as well as they once did and must be carefully re-evaluated, new security models must adopted, and new strategies developed to ensure that all sensitive corporate data, regardless of its location, can be adequately protected.
Choosing the right security vendors – arguably a more important priority in the cloud era than it ever was in the on-premises era – must be among the highest priorities for both IT and business decision makers.
“The right vendor needs to provide full visibility and protection of data in the cloud based on a risk-adaptive security approach to ensure round the clock protection of business-critical information," says Ghebranious.