Field Insights: Top 4 things security teams should be doing (but many aren’t)

Netskope

We regularly do Q&A pieces with Netskope field experts to share their first hand insights from working with organizations.  Read Netskope Regional Sales Manager Kelly Noland’s perspective on the top 4 things IT and security teams should be doing to safely enable cloud usage (but many aren’t)

  1. Understand the shared security responsibilities of your cloud vendor: Many organizations haven’t looked into the security of their cloud-based service provider before entering an agreement. It’s called the shared responsibility model, and it’s advertised clearly by many cloud providers. It seems straightforward but many organizations are confused. Start by understanding the shared security model that exists between you and your cloud provider. Your cloud service provider secures the cloud, but you secure what’s in the cloud
  2. Know how much of your business relies on the cloud and its risk: Even if you don’t officially sanction any cloud services, your employees, partners, customers, and suppliers are using them. Whether you like or not, according to a Ponemon Institute  report, 33% of business data is already in the cloud and beyond your control. As part of the transition to the cloud, it’s critical you understand the risk and your own level of risk tolerance, then focus on mitigating the risk. After running Netskope Introspection for Slack, which uses Slack APIs to provide granular visibility into and control over Slack usage, my customer was surprised at how much sensitive data was being shared publicly and could now take the steps to control and govern usage. Some organizations have a hard time believing cloud-native malware could exist within their environment, given their existing security approaches in place, but are faced with the harsh reality when it’s discovered in their cloud storage service during the POC process. About 50% of my POCs uncover malware in cloud services that has evaded the customer’s existing security tools.
  3. Consider data loss prevention measures and teach users how to keep your data safe: Your data loss prevention solution needs to protect your data while employees are going to the cloud, regardless of where they are when they access the cloud. Many organizations know the confidential data important to them, which can include intellectual property, source code, and personally identifiable information (to name a few), but lack visibility into how users are accessing and sharing data within sanctioned and unsanctioned services exposing them to risk. They haven’t set rules for handling data or implemented policies to make sure it’s not mishandled, and they haven’t  taught their users how to keep their company data safe. Adding a cloud access security broker with advanced, enterprise DLP capabilities can cover these requirements and more.
  4. Determine the scalability of your cloud security approach: Make sure your security tools, procedures and practices for security in the cloud will scale for growth. Can you extend your security policy and controls for one cloud service to all of the cloud services in your environment, both sanctioned and unsanctioned? Vet all security tools used in the cloud to understand how to expand them. How many cloud services can you cover with a single, category-level policy? When you think CASB, think beyond the SaaS apps in use. How many sanctioned SaaS apps will you roll out over the next couple years? What about adding controls for unsanctioned apps that provide real business value? And what about securing IaaS and PaaS? As more applications and infrastructure moves to the cloud, organizations that view CASB as the key platform for cloud security will have an easier time transitioning to the cloud