As 2017 approaches, companies realize that the migration of workloads and data to the cloud is no longer a question; it’s an inevitability. While this reality is transforming businesses for the better, it is also exposing them to a growing number of security issues. For security and risk (S&R) professionals, concern over cloud security is driving demand for help in the form of best-in-class cloud security gateway (CSG) providers.
If you’re not sure how to strategically choose the right CSG provider, The Forrester Wave™: Cloud Security Gateways, Q4 2016 provides important guidance. The report lists the capabilities that are critical in ensuring integrated data protection and activity monitoring in the cloud. Always look for these capabilities when choosing a CSG vendor.
- Detect and intercept unusual or fraudulent activities associated with data in the cloud. It is not uncommon for sales reps to access 10-15 customer records in a day. However, when a sales rep is found to have downloaded thousands of records in a day, this signals suspicious activity. It is critical for S&R pros to be alerted to such actions immediately in order to prevent the breach or exfiltration of sensitive data.A CSG solution needs to provide detection and notification capabilities in cases of anomalous
- Detect, neutralize, and eliminate malware in cloud platforms. As the adoption of productivity platforms like Dropbox and OneDrive continue to rise, so does exposure to malware. It is easy for users to upload, share, and download files containing malware to cloud storage platforms where traditional endpoint protection software can’t detect it. This malware can give hackers complete access to sensitive corporate data.Leading CSG solutions can identify, quarantine, and neutralize malware before any damage is done.
- Protect against leaks of confidential information. It is not uncommon for well-intentioned but ill-advised employees to unwittingly leak company data to cloud email storage platforms. Leaking documents that contain personally identifiable information or intellectual property can jeopardize future plans, as well as regulatory compliance. Once it’s out there, traditional on-premises data leak prevention (DLP) cannot cover data moving between cloud applications and platforms.CSG solutions with DLP specialize in cloud enabled DLP coverage.
- Encrypt structured and unstructured data in cloud platforms. Why? Because cybercriminals can’t sell encrypted data on black markets, so the motivation to steal it is greatly diminished.According to Forrester, savvy S&R pros prefer third-party CSG vendors for storage and management of encryption keys and search, filter, and sort indices of the data over their cloud platform’s built-in data encryption.
- Investigate and report on suspicious users and incidents. Detection and protection against malware are crucial, but they’re not enough. S&R pros require a platform that answers investigative questions (who did what, when, and where), as well as visual reports of incidents and trends.When implemented correctly by a CSG provider, investigative and reporting tools can highlight significant patterns of unsanctioned cloud application use and help improve a company’s security posture as they migrate to the cloud.
Symantec leads the CSG pack
In their report, Forrester evaluates and scores the top eight CSG vendors based on past research, user needs assessments, and vendor and expert interviews. The result? Symantec scored higher overall than any other CSG vendor.