As many of the organizations we work with navigate adopting Zero Trust we have heard that understanding their baseline risks is no easy task. Security teams are accepting that the business will do as it pleases when it comes to finding applications to support their key processes, rather than delegating their requirements to the Information Technology and Information Security teams to make those decisions for them as it used to be. Analysts expect by 2024 that 80% of technology products and services will be built and owned by non-IT professionals. For that reason managing risk means having comprehensive visibility so security teams can inspect, monitor, and protect critical resources.
The proliferation of Cloud IaaS, SaaS, and data sharing applications used by businesses was once manageable when most users were operating in a traditional office environment - on the corporate network and on a corporate managed device. By using traditional tools like Data Loss Prevention, SSL Visibility, and Proxy, IT Security teams had sufficient visibility, for example, an end user may be using an ‘unsanctioned’ cloud service and security admins can respond by blocking that activity.
So, start with visibility. How can you improve visibility in your organization?
It's important to have a full picture of what’s being used in your cloud environment? One of the biggest visibility gaps is in the use of shadow IT, accounting for as much as 97% of all cloud applications in use by organizations. We know risky transactions can slip “under the radar”, and through our Cloud Data Loss Prevention solution we provide the capability to collect, view, and control all transactions from sanctioned or unsanctioned applications. Extend this visibility into Endpoint Security, Proxy and Firewall logs from network devices and proxies to further evaluate shadow IT exposure.
One of the biggest visibility gaps is in the use of shadow IT, accounting for as much as 97% of all cloud applications in use by organizations.
This visibility enables advanced capabilities like continuous risk monitoring and adaptive access controls. Continually assessing user risk in your organization is key and provides security teams with the confidence they need to make real time user access decisions. With Symantec CASB, we can apply risk scores to users and if they go beyond an acceptable threshold, adaptive access controls are in place to reduce someone’s access privileges, reduce privileges for sharing data, and prevent data from being shared with external entities.
With tools like these, business management can begin to quantify the level of risk they currently face and from there they can define their actual tolerance level. Zero Trust is first and foremost an architecture that is built around people, process, and technology - so IT Security teams must partner with the business to mutually decide what actions and controls should be implemented to reduce their risk to the acceptable level. Having a joint program defined then creates opportunities to implement advanced Zero Trust capabilities like continuous monitoring, adaptive access controls, and behavioral analytics - as each can’t be done without an understanding of people and processes.
Accepting that business leaders will adopt applications and services of their choosing, security teams should turn away from trying to stop them and move toward managing risk. Using Zero Trust as a backbone, teams should first look to key technologies that will help them gain the visibility they need so they can collaborate with those same leaders to mutually make the right decisions for how they will manage that risk on an ongoing basis, including implementing new technologies to protect and support the business.
We encourage you to share your thoughts on your favorite social platform.