Glass Class - Cloud Security Priorities For 2016


Glass Class - Cloud Security Priorities For 2016

Hi, everyone. Rich here, and today we're going to be talking about 2016 cloud security priorities. We recently went out and surveyed a bunch of CIOs and CISOs from major organizations. We talked to them about their concerns for the cloud moving into 2016, and here are the top four.

Number four is shadow IT. This is something that might have been at the top of the list in years gone by. But, it's kind of diminished as a major concern as folks have gotten more comfortable with this new way of doing business where there’s going to be some unsanctioned cloud application use within most organizations.

Number three is external sharing. Most cloud apps are built to share as effectively as possible, especially file sharing apps. This ability to come in and just with the click of a button share sensitive data, potentially outside of the organization, is a big concern for the folks that are responsible for protecting that data.

Number two is the security of the underlying application providers’ infrastructure. There are a lot of different cloud apps out there - some big, some small, some more secure, some less secure - and this whole process or idea of trying to figure out which are the most secure (and, for those that are less secure, whether or not to even use them), becomes a big challenge.

Then, the number one concern for most organizations moving into 2016 is access from unmanaged devices - or what I've written here as BYOD. Now, why is that a concern, a major concern, when you move to the cloud, when it wasn't a big concern in the premises world? Well, if you look here at the premises world, you have applications and data residing inside of data centers. And what do we do? We build a perimeter around those data centers and we use a lot of security infrastructure - a traditional layered security approach - to protect what goes in and what comes out. Which means we can do things like allowing access from managed devices, but disallowing access from unmanaged devices or restricting access from unmanaged devices.

 When we move to the cloud, that picture gets much more difficult to pull off because you have, potentially, an unmanaged device coming from a coffee shop and connecting to a public cloud app like Office 365 or Dropbox, as examples. What do you do here? You can't go to Microsoft and say, "Hey, I want to put a firewall and a bunch of security infrastructure in front of Office 365 to protect my corporate data." You're left out in the cold here. This is exactly where cloud access security brokers come into play, and the type of business that Bitglass is in, in terms of enabling a lot of enterprises to safely adopt cloud apps and do things like control access from unmanaged devices.

Thanks for joining today's session.