Hybrid IT Can Leave You Blindsided
Almost every organization today must deal with a hybrid IT environment. Employees are increasingly making their own decisions regarding what devices and applications they wish to use. According to recent research by CipherCloud, 80 percent of employees admit to using unsanctioned cloud-based applications and services.
Even if your organization chooses to allow the unfettered use of personal devices along with the apps employees feel they need to use, you still need some level of visibility over what they are doing and where sensitive data is being used and stored. Without it, InformationWeek suggests, the resulting hybrid IT environment can leave the organization with a significant blind spot.
Hybrid IT Harder to Manage
Another recent study by Tenable Network Security found that 88 percent of certain organizations in Europe believe shadow IT leaves them more vulnerable to cyberattacks, making it more difficult to identify and manage the attack surface. Continuous visibility into events is required in order to prevent attacks.
When applications are provisioned on-premises, gaining control and visibility is easier to achieve using systems such as SIEMs and log event managers. But these tools can’t provide visibility into which cloud apps are being used, and this can leave an organization unaware of possible security risks.
CASBs Reduce Blind Spots
To provide organizations with the visibility, they need a new class of service to regain control over both cloud and shadow IT environments. This type of service has been dubbed a cloud access security broker (CASB).
CASBs serve as security policy enforcement points between consumers of cloud services and the service providers. They enable organizations to enforce policies such as authentication, single sign-on, authorization and encryption standards and requirements so they can regulate the use of company cloud services at critical points they wouldn’t otherwise pay attention to. According to Gartner, the nascent market for CASBs will grow from use by just 5 percent of large enterprises in 2015 to some 85 percent by 2020.
CASBs can help to ensure secure and compliant use of multiple cloud services, the control options for which vary widely among providers and applications. Ultimately, however, they can enable the CIO to see and manage which users are doing what so they’re in compliance with where sensitive data resides and how should be used. This helps in reducing the risk that organizations face when staff are given unfettered access to cloud-based services, considerably reducing their potential exposure to harmful data breaches.
No organization can turn back the clock and assume that only sanctioned applications and services are being used. The hybrid IT environment is here to stay, but the blind spot between the on-premises data center and the cloud environment can be reduced to a great extent with the use of a CASB.