Do you work from home? Before the 1st of March that answer probably wouldn’t have gotten much affirmative response. Today, however, is a much different story. Most of us are probably working from home or working in some sort of remote fashion. Personally, I’ve worked from home for a number of years. Which means I’ve also worked from coffee shops and co-working spaces and just about anywhere I could get an Internet connection.
The capability to work from anywhere is a huge productivity boon for the average knowledge worker. It’s also a nightmare for the average security professional. The defense perimeter we’ve spent years building with firewalls, data loss prevention (DLP), and other kinds of security controls collapses like a house of cards as soon as someone is outside the edge of the network. BYOD and remote work are the bane of security pros everywhere. How can you ensure that your users are secure when you can’t see where they’re going?
If It Ain’t Broke(r)
The best way to ensure that your users are doing the right thing when it comes to security is to use a broker. Specifically, a Cloud Access Security Broker (CASB) is what you’re going to want to use to make everything secure and safe.
A CASB sits between the user and the data or application and acts like a proxy of sorts. It is intercepting traffic between the two endpoints and enforcing policy on that traffic. CASBs can help you do simple things like enforce Internet usage policies for risky sites or inappropriate content, which makes it great for students. A CASB can all help you ensure that data is being accessed properly and securely. A CASB can encrypt the data as it is in-flight to help prevent people from eavesdropping. CASBs can also protect against malware or ransomware being installed in your environment. Because it monitors and enforces policies on the communications, you can prevent infection from known or unknown vectors because they fall outside permitted rules.
The other thing that should make a CASB a high-priority piece of your security policy is the fact that they can be used with any device. Laptops, desktops, tablets, and even phones are able to be configured and enforced. Because you can also tell the difference in the types of devices the user has with them, you can restrict the flow of data to them. Maybe your policy is that corporate laptops have an Internet filtering policy but phones do not. Or maybe you can’t download certain types of files to mobile devices. These are all security policies that can be configured with a CASB.
Glass Half Full
When I was at RSA Conference this year I had a chance to sit down and talk to Ben Rice of BitGlass about their CASB solution. He told me that one of the biggest drivers for adoption of CASB software comes from companies that are either hesitant or lost when it comes to their digital transformation initiatives. For companies that aren’t sure how to proceed, the idea of trying to figure out what you need from the limitless numbers of applications that try to help you along the way.
However, companies need guidance. They need to understand what programs are going to help them at the start of the journey and which ones are going to help them all over the spectrum. Tools like the BitGlass CASB are great examples of small investments that can pay off with huge rewards down the road. By increasing your security posture now at the beginning of the journey you can ensure that every other step along the way has a good, secure foundation. Better yet, if you find yourself in an industry that is highly regulated, like finance or healthcare, having a CASB can enhance your compliance and ensure that auditors aren’t going to ruin your day.
Ben told me that he’s seeing a lot of success with companies that feel the need to enable security but don’t know what to do. I like this approach quite a bit. Companies like BitGlass are all about helping people see where they can improve. They’re not trying to forklift in huge amounts of hardware or get their salesperson a new boat. Instead, BitGlass is priced per user, per month. It’s sensible and is a great investment in security for a workforce that may be more remote than ever before even after current events have lessened somewhat.
Bringing It All Together
I told one of my old school IT friends about CASBs late last year. With the number of devices that are being sent home with people even at the end of 2019, there has to be some way of keeping them secured. Sitting in the second quarter of 2020 has just highlighted the need to keep everything safe and sound. If you don’t already have a CASB solution you should definitely take a look at BitGlass. They have a great product with great pricing that can work with your current application and help you figure out what you need to protect as you continue your digital transformation. Even if all you do is work from a coffee shop on a regular basis, it can’t hurt to check out BitGlass!