Aseem Rastogi

Cloud Security Platform - How to choose one?

Blog Post created by Aseem Rastogi on Oct 29, 2018

As the world moves towards a digital future, every aspect of the enterprise continues to be disrupted by technology.

Fueled by the union of Cloud Computing, IoT, Big Data and surging demand for on-the-go access to information, this digital disruption is dramatically reshaping the security landscape.

Complexity Creates Chaos…

Enterprises have always relied on prevention and policy-based controls for security, deploying products such as antivirus, IDS/IPS and firewalls. But as we now know, they aren’t enough to adequately deal with today’s environment. Legacy security systems, a siloed approach and dependence on manual intervention are proving inadequate to create visibility.

 

Having a security platform with its various elements placed at the appropriate positions within the security architecture helps manage the organization’s security posture. The platform approach offers full visibility, and automation helps in the detection and prevention of attacks.

 

Cloud Security Platform Selection Criteria

Given the variety of security platforms available, it is essential to understand how to choose one. Some of the criteria to keep in mind:

  1. Core Requirements
  2. Implementation Considerations

 

Core Requirements For Cloud Security Platform

  • Actionable Audit – Visibility, discovery of risks and outcomes leading to risk reduction are the most important expectations of a security platform.
  • Compliance Monitoring – Security platforms offer continuous monitoring against various regulatory compliance standards. Some of the standards may be ISO 27001, HIPAA, PCI etc.
  • Threat Prioritization – Threat intelligence contextualization is a key differentiator for platforms. This helps prioritize action quickly and close the window of opportunity for the attacker.
  • DevSecOps – SecOps that matches the speed of development is a key driver, and security platforms are helping plug security into development processes.
  • Security Automation – Manual remediation increases the time window, so having an automated remediation option would be a considerable benefit in enhancing the overall security posture.

 

Implementation Considerations

There are several important factors to consider while selecting a platform:

  • Control Over Data – Security platforms are available in SaaS as well as On-Prem versions. In the SaaS model, corporate security data flows to the service provider. An On-Prem hosted platform, however, enables corporations to maintain control of their own data at all times. This issue needs to be carefully weighed against the compliance obligations of the company before making the choice.
  • Data Residency – With localization obligations coming into play, the SaaS service providers of the security platform need to be understood.
  • Licensing – Businesses need to carefully weigh licensing options and usage restrictions against their IT needs. For example, SaaS options make it very appealing to start using the service, but oftentimes there are high costs or restrictions associated with the service.
  • SaaS Vendor Accreditation – Businesses may need to validate additional security measures in the case of SaaS vendors. Industry certifications such as SOC 2 Type II are really the gold standard when evaluating vendors.

 

Apart from security and business-related considerations, the following considerations may be important for the long-term security architecture:

  • Breadth of Cloud Service Provider coverage and Service Coverage depth within a CSP
  • Compliance Monitoring coverage
  • Breadth of compliance controls – Whether the product integrates with existing security products and provides expansive control coverage.
  • 3rd Party Integration options

 

By taking a platform approach towards security operations, your organization can focus on business priorities as routine tasks are streamlined and the attack surface is automatically reduced.

With an integrated, prevention-first security platform in place, organizations can securely implement advanced, productivity-enhancing applications and technologies, all the while maintaining a complete and reliable prevention-oriented organizational security posture.

Outcomes