Page 48 - FCW, April 2017

DrillDown
at three levels as defined by the National Institute of Standards and Technology’s Special Publication 800-53.
Yet even if an IT security manager has faith in the security of the underlying cloud service provider, what happens when an agency uses a SaaS application? In that case, it is likely that sensitive data will be stored and controlled by the third party and used by the agency’s customers or partners in ways that do not subject the data to the agency’s network, firewalls or other directly controlled security devices or processes.
For CIOs and chief information security officers, that situation raises significant concerns because SaaS applications can leave agencies with little visibility into or control over the security of the application and its data. Therefore, the second challenge is how to extend an agency’s security policies and controls to public clouds and SaaS applications.
That challenge has given rise to what are known as cloud access security brokers. Those products serve as security enforcement points on premises or in the cloud, and they logically exist between the agency and the cloud service provider to provide a range of services that include identity authentication and authorization, device profiling, application whitelisting, encryption, alerting and malware detection.
Some of the leading vendors in the market are Bitglass, Symantec’s Blue Coat, Cisco Systems’ Cloudlock and Skyhigh Networks. The use of such solutions is growing rapidly, with Gartner reporting that 85 percent of large organizations will use them by 2020, up from less than 5 percent in 2015.
On the positive side, such vendors have significant capabilities and are filling a void in the market. As a former CIO, however, I have a jaded view of solving enterprise IT security challenges by continuing to add tools and then working internally to integrate them. I have rarely seen that strategy work well.
Instead, I have become a proponent of the view that the best approach to addressing enterprise IT security challenges is the use of an IT security platform that provides a range of capabilities to help prevent and, when necessary, detect breaches in the enterprise. In this market, Palo Alto Networks, Cisco and Check Point Software provide integrated platform solutions. (Full disclosure: I am a member of the Palo Alto Networks Public Sector Advisory Council.)
As an example of the value of that approach, Palo Alto Networks has recently extended its platform capabilities into cloud solutions and SaaS applications. What is particularly intriguing (and operationally appealing) is that I can set my security controls for a type of data — for example, I could tailor the controls to the data’s sensitivity — and the technology enables me to enforce those policies throughout its platform, regardless of whether that data resides in my data center, an outsourced data center or a SaaS application on a public cloud.
That approach greatly simplifies administration of security policies throughout an enterprise and offers advanced threat prevention. Furthermore, attackers are increasingly using an exploit that seeks to infect users with malware via SaaS-based applications because adversaries know that most organizations cannot monitor those applications in the same way they monitor internally based tools. A key component of IT security platforms is the ability to bring threat detection and prevention capabilities to all aspects of the IT infrastructure and applications, including those residing in the cloud.
The use of SaaS-based applications is becoming a preferred approach for rapidly delivering new capabilities. The demand is coming from business users, and therefore, IT organizations must plan for continued expansion in the number and use of SaaS applications. They must also develop a comprehensive approach for addressing the security challenges that come with relying on third-party computing and applications, even though the user and data might never traverse the organization’s own network or data centers.
Richard A. Spires has been in the IT field for more than 30 years, with eight years in federal government service. Most recently, he served as CIO at the Department of Homeland Security. He is now CEO of Learning Tree International and serves as chairman of Resilient Network Systems.