A New Way to Secure Your Cloud Resources

Digital transformation and cloud adoption aren’t hollow buzzwords for enterprises and software vendors.

Competing in an increasingly demanding business environment, these companies can’t afford to get bogged down by traditional “legacy” IT environments, where processes and infrastructure consume vast amounts of time and resources. That’s why many businesses have decided to leverage cloud infrastructures. Not only does the cloud allow for greater flexibility but it also helps reduce the capital requirement needed to deliver new services to customers.

However, new cloud paradigms also present new security challenges.

Organizations once could protect their services, applications and data simply by deploying firewalls, VPN solutions and appliance-based Intrusion Detection and Intrusion Prevention systems in conjunction with network traffic analysis. In the pre-cloud era, everything was centered inside of the company’s network perimeter with users, servers, applications - and virtually the entire security stack - all deployed inside corporate data centers. The challenge back then was relatively straightforward: build the strongest castle walls to prevent bad actors from entering while ensuring that legitimate users had access to the corporate resources that they needed.

Fast forward to the present where cloud adoption has rendered the walled castle approach completely irrelevant. One can no longer build a castle around services, applications and data. Instead of being isolated in a few centralized locations, information is spread out everywhere. You’ll find data stored in SaaS solutions, such as Office365, G-Suite and Salesforce. At the same time, corporate services and applications are moving to cloud-based data centers in AWS, Microsoft Azure or Google Cloud to allow faster time to market, better agility and improved customer service.

So how can you go about securing your resources and data in this new cloud paradigm? Symantec Secure Access Cloud helps you achieve just that.

What is Symantec Secure Access Cloud?

Secure Access Cloud is based on Symantec’s acquisition of Luminate Security and their innovative Software Defined Perimeter technology in February of 2019.

Secure Access Cloud provides secure, agentless access for any user, from any device to any corporate resource hosted in private, public or hybrid cloud environment without deploying and maintaining any appliances in the data center or agents on the endpoint.

Based on the principles of Zero Trust Access and delivering a Software Defined Perimeter as a cloud native service, Secure Access Cloud provides:

• True point-to-point application level connectivity between the users and the corporate resources, based on user identity, rather than on network topology for access to corporate resources. This removes the possibility of network level attacks such as EternalBlue, Bluekeep and others.
   
• Full resource cloaking (both from the internet and the end user networks) reducing the chances of unauthorized access to corporate resources and data, as well as drastically reducing a network attacks surface of the corporate data centers.
   
• Continuous enforcement of contextual access and activity policies, allowing the organization to define who has access, to what specific resources, under which conditions (such as location, device status – managed, unmanaged, compliant or not, MFA status and others) and which operations are these users are allowed to perform based on their context (file uploads, downloads, specific SSH commands allowed, etc.).
  
  Example: a user accessing an application from a managed device can download any content, while a user accessing from an unmanaged device is not allowed to download or make changes to the content in the corporate resource hosted anywhere.
   
• Complete audit trail of every user action performed (such as URIs accessed, SSH commands executed, files downloaded and others) for compliance and DFIR purposes.

Integrating Secure Access Cloud within the Symantec Integrated Cyber Defense Platform - only 3 months after the acquisition - Secure Access Cloud now provides native support for Symantec’s multi-factor authentication (Symantec VIP) for contextual and step-up MFA based on user, resource and activity context.

In addition, integrating Secure Access Cloud with Symantec CloudSOC CASB, DLP and Threat Protection solutions, Secure Access Cloud now extends the same set of DLP and Threat Protection policies already enforced in a customer’s on-premises and SaaS environments to any resource hosted in public, private or hybrid cloud environments.

Secure Access Cloud is already trusted by multiple Fortune 1000 companies providing secure, Zero-Trust access for employees, partners and contractors to corporate resources and data as well as innovative start-ups and technology companies, allowing secure DevOps access to the development, staging and production environments across multiple data centers, regions and cloud vendors.

The cloud computing era marks an exciting inflection point with the process of digitization remaking one industry after another. But this rapid shift to the cloud also puts the onus on companies to batten down the hatches and make sure that their data is safe and secure. But you don’t need to leave it to chance. Symantec Secure Access Cloud helps ensure that this transformation remains as safe as it is profitable.