As businesses embrace the Digital Transformation and become increasingly cloud-native, mobile and interconnected, the corporate network perimeter is gradually disappearing, exposing users to malware, ransomware, and other cyber threats. Traditional perimeter security tools no longer provide adequate visibility, threat protection, and scalability, nor can they offer convenience and productivity for users on the go.

In a crisis, a cybersecurity strategy is a matter of survival

The previous paragraph summarizes what KuppingerCole, along with many other industry experts, has been preaching for years. Unfortunately, for many organizations, especially the larger ones which have been investing in traditional on-prem security solutions for decades, rethinking their cybersecurity strategies so radically and so quickly was something they weren’t ready for yet. The coronavirus pandemic has changed a lot. In a crisis situation, just like the world is facing now, being able to quickly adapt business processes and security policies for remote work is no longer a luxury, but a matter of survival for many companies.

In a way, doing their own cybersecurity has never made much more sense for most companies (with a handful of notable exceptions in military, banking or other highly regulated industries) than generating their own electricity. Managing their own on-premises security infrastructures, companies keep struggling with maintenance and updates, constantly adding support for new threats and addressing the growing skills gap and shortage of experts. However, for a long period, that was the only available option…

Modern, scalable cloud alternative to the rescue

Luckily, a modern, convenient, and scalable alternative has already been available for quite some time. An increasingly popular replacement to traditional on-premises security solutions, which are not only costly and complicated but create a performance and productivity bottleneck for remote users, is a security gateway operating directly in the cloud or rather a whole “security cloud” consisting of multiple breakout points across different geographical regions. Such solutions help organizations protect their users from a broad range of cybersecurity threats without the need to deploy any on-prem hardware and sometimes even software agents, greatly reducing the cost and complexity of a corporate security infrastructure.

Most IT experts are already familiar with modern cloud-native “antivirus replacements” – endpoint protection, detection and response solutions that protect computers from malware using the cloud not only for management but for security event correlation, behavior analysis and threat intelligence. However, this is by far not the cutting-edge technology anymore. Vendors like Zscaler, Akamai, Cisco or Cloudflare among others are now offering general-purpose security cloud platforms, which can protect your users from a wide range of threats (not just malware, but web-based exploits, malicious websites, phishing campaigns and even internal data leaks) with fully transparent inline network traffic analysis and policy enforcement.

Keep your employees protected anywhere, even working from home

With such a solution, every user or device outside of the corporate perimeter can continue using the Internet without any performance penalties and changes in user experience, yet constantly remain protected from the latest cyber threats the same way they used to feel at their office workplace. This way, a secure cloud gateway can be considered the first line of defense in a multilayered “defense in depth” security infrastructure, providing visibility into all internet activities, enforcement of the most important security and compliance policies and identifying and mitigating cyber attacks.

Some of those platforms even claim to be able to enforce their protection without any agents to deploy on endpoints, relying instead on techniques like DNS redirection to intercept and analyze network requests to the Internet. One crucial distinction among these solutions is the range of network protocols and services that they are able to intercept, analyzing and mitigating threats in real-time – some solutions may only focus on web traffic, others only on e-mail security and so on. Relying on a specific interception technology may further limit a solution’s ability to protect against specific threats.

Security from the cloud – battle-tested in a pandemic!

Therefore, it cannot be stressed enough that these security clouds should not be considered a universal replacement for all existing security capabilities. On the contrary, choosing one requires careful evaluation of offered functionality and consideration of how they are able to address the security risks for your business you’ve (presumably) identified earlier.

However, waiting even longer is also not a viable scenario: the ongoing pandemic has been a once-in-a-lifetime opportunity for cloud security vendors to demonstrate that their solutions are scalable and resilient enough to withstand the massive usage spikes generated by people working from home for weeks. Some are even offering their services for free for the time being. If you were still reluctant to jump the cloud security bandwagon until recently, now is the best time to give it a try!

See also