Hybrid IT Can Leave You Blindsided

By: Fran Howarth| - Leave a comment

Bigstock

Almost every organization today must deal with a hybrid IT environment. Employees are increasingly making their own decisions regarding what devices and applications they wish to use. According to recent research by CipherCloud, 80 percent of employees admit to using unsanctioned cloud-based applications and services.

Even if your organization chooses to allow the unfettered use of personal devices along with the apps employees feel they need to use, you still need some level of visibility over what they are doing and where sensitive data is being used and stored. Without it, InformationWeek suggests, the resulting hybrid IT environment can leave the organization with a significant blind spot.

Hybrid IT Harder to Manage

Another recent study by Tenable Network Security found that 88 percent of certain organizations in Europe believe shadow IT leaves them more vulnerable to cyberattacks, making it more difficult to identify and manage the attack surface. Continuous visibility into events is required in order to prevent attacks.

When applications are provisioned on-premises, gaining control and visibility is easier to achieve using systems such as SIEMs and log event managers. But these tools can’t provide visibility into which cloud apps are being used, and this can leave an organization unaware of possible security risks.

CASBs Reduce Blind Spots

To provide organizations with the visibility, they need a new class of service to regain control over both cloud and shadow IT environments. This type of service has been dubbed a cloud access security broker (CASB).

CASBs serve as security policy enforcement points between consumers of cloud services and the service providers. They enable organizations to enforce policies such as authentication, single sign-on, authorization and encryption standards and requirements so they can regulate the use of company cloud services at critical points they wouldn’t otherwise pay attention to. According to Gartner, the nascent market for CASBs will grow from use by just 5 percent of large enterprises in 2015 to some 85 percent by 2020.

Regain Control

CASBs can help to ensure secure and compliant use of multiple cloud services, the control options for which vary widely among providers and applications. Ultimately, however, they can enable the CIO to see and manage which users are doing what so they’re in compliance with where sensitive data resides and how should be used. This helps in reducing the risk that organizations face when staff are given unfettered access to cloud-based services, considerably reducing their potential exposure to harmful data breaches.

No organization can turn back the clock and assume that only sanctioned applications and services are being used. The hybrid IT environment is here to stay, but the blind spot between the on-premises data center and the cloud environment can be reduced to a great extent with the use of a CASB.

Topics: , , , ,

Comments

About The Author

Fran Howarth

Freelance Writer

Fran Howarth is an industry analyst and writer specializing in cybersecurity. She has worked within the security technology sector for more than 25 years in an advisory capacity as an analyst, consultant and writer. Fran focuses on the business needs for security technologies, with a focus on emerging technology sectors. Current areas of focus include cloud security, data security, identity and access management, network and endpoint security, security intelligence and analytics and security governance and regulations. Fran can be reached at fhowarth@gmail.com.

Articles by Fran Howarth
See All Posts