Topics In Demand
Notification
New

No notification found.

Blog
Cloud Security Platform - How to choose one?

October 29, 2018

527

0

As the world moves towards a digital future, every aspect of enterprise continues to be disrupted by technology.

Fueled by the union of Cloud Computing, IoT, Big Data and surging demand for on-the-go access to information, this digital disruption is dramatically reshaping the security landscape.

Complexity Creates Chaos…

Enterprises have always relied on prevention and policy-based controls for security, deploying products such as antivirus, IDS/IPS and firewalls. But as we now know, they aren’t enough to adequately deal with today’s environment. Legacy security systems, siloed approach and dependence on manual intervention – are proving inadequate to create visibility.

Having a security platform with various elements placed at the appropriate positions within the security architecture will help manage organization’s security posture. The platform approach offers full visibility and automation helps in detection and prevention of attacks.

Cloud Security Platform Selection Criteria

Given there are various security platforms available, it becomes essential to understand, how to choose a platform. Some of the criteria to keep in mind —

  1. Core Requirements
  2. Implementation Considerations

Core Requirements For Cloud Security Platform

  • Actionable Audit – Visibility, Discovery of risks & outcomes to risk reduction is the most important expectation from security platform.
  • Compliance Monitoring – Security platform offer various regulatory compliance monitoring on a continuous basis. Some of the standards may be ISO 27001, HIPAA, PCI etc.
  • Threat Prioritization – Threat intelligence contextualization is a key differentiator for platforms. This helps prioritize action quickly and close the window of opportunity for the attacker.
  • Dev SecOps – SecOps to match the speed of development is a key driver and security platforms are helping plug security in with development processes.
  • Security Automation – Manual remediation increases the time window and hence having automated remediation option would be a considerable benefit in enhancing overall security posture.

Implementation Considerations

There are several important factors to consider while selecting a platform –

  • Control Over Data – Security platforms are available in SaaS as well as On-Prem version. In SaaS model, corporate security data would be flowing to the service provider. On-Prem hosted platform would however enable corporations to maintain control of their own data at all times. This issue needs to be carefully weighed against the compliance obligations of the company, before making the choice.
  • Data Residency – With localization obligations coming in play, SaaS service providers of Security Platform needs to be understood.
  • Licensing – Businesses need to carefully weigh in licensing options, usage restrictions against their IT needs. For example – SaaS options make it very appealing to start using the service but often times, there are high cost or restrictions associated with the service.
  • SaaS Vendor Accreditation – Businesses may need to validate additional security measure in case of SaaS vendors. Industry certifications such as SOC 2 – Type – II are really the gold standard while evaluating.

Apart from security, business related considerations, following consideration may be important for long term security architecture:

  • Breadth of Cloud Service Provider coverage and Service Coverage depth within a CSP
  • Compliance Monitoring coverage
  • Breadth of compliance controls – Whether the product integrates with existing security products and provides expansive control coverage.
  • 3rd Party Integration options

By having a platform approach towards security operations, your organization can focus on business priorities as the routine tasks are streamlined and attack surface is automatically reduced. 

With an integrated, prevention-first security platform in place, organizations can securely implement advanced, productivity-enhancing applications and technologies, all the while maintaining a complete and reliable prevention-oriented organizational security posture.


That the contents of third-party articles/blogs published here on the website, and the interpretation of all information in the article/blogs such as data, maps, numbers, opinions etc. displayed in the article/blogs and views or the opinions expressed within the content are solely of the author's; and do not reflect the opinions and beliefs of NASSCOM or its affiliates in any manner. NASSCOM does not take any liability w.r.t. content in any manner and will not be liable in any manner whatsoever for any kind of liability arising out of any act, error or omission. The contents of third-party article/blogs published, are provided solely as convenience; and the presence of these articles/blogs should not, under any circumstances, be considered as an endorsement of the contents by NASSCOM in any manner; and if you chose to access these articles/blogs , you do so at your own risk.


© Copyright nasscom. All Rights Reserved.