Security gets SaaSy to ease transformation pressure

Enterprise Internet traffic is growing at a mind-blowing pace as mission-critical applications move to the cloud.

The Cisco Visual Networking Index estimates that globally, business Internet traffic will reach 24.5 exabytes per month in 2019, the equivalent of 6 billion DVDs per month, or 8 million DVDs per hour.

At the same time a recent Gartner survey shows that alternative consumption models, including SaaS, to traditional on-premises licenses are accounting for more than 50% of new software implementations.

This new era of enterprise IT may have many cost advantages and allow enterprises to embrace new applications and services rapidly, but it is also giving the IT department quite a headache.

A new view of security

These dramatic changes in the IT landscape, triggered by business transformation and an increase in cyber-attacks and security breaches, are making many enterprises re-evaluate their security strategy.

While established methods for Internet security using regional gateways and local breakouts have their virtue, an avenue whereby Internet traffic goes through a cloud-based security-as-a-service solution is proving increasingly attractive. Attacks today are much deeper and broader so the defense also needs to be a deeper and broader.  Companies such as Zscaler, Cisco, FireEye, Alert Logic and Mobile Iron offer customizable solutions that can be controlled by a client side portal.

It is therefore no surprise that the cloud security-as-a-service market is poised for enormous growth. IDC forecasts that by 2018, over 33% of all security will be deliver via SaaS or hosted, as they look for a more secure and efficient way to operate in an age of business transformation.

Hybrid: the great enabler

Enterprises looking for business agility, while carefully managing the bottom line, are moving to a hybrid solution that provides cheaper and easier access to the Internet. A hybrid network uses a combination of different circuits (MPLS, Cable, Internet, 3G, 4G, etc.) that work collectively to allow business-critical applications perform faster and more efficiently. The addition of performance management tools provides consistent access across all technologies. This makes for a great delivery mechanism, but is a major challenge when it comes to implementing security.

With SaaS models changing the way data is accessed, security platforms are changing to accommodate new delivery methods by utilizing SaaS models themselves.  These malleable solutions offer a major advantage over traditional hardware and software based solutions in that they can protect mobile devices as well as PCs and servers with the same level of protection enterprises have become used to on the LAN side of the network.

Don’t rely on breach alarms

A security strategy that relies solely on technology alerting enterprises to risk can sink in the water.  A leading US retailer recently had to pay $39 million in compensation to banks after 40 million customer credits were stolen. The retailer admitted to missing hundreds of alerts, which it was unable to follow up, resulting in the breach.

A fully-layered security approach is critical. It should examine both inbound and outbound traffic, including spotting communication with bad sites and detecting data exfiltration, including content encrypted over SSL to identify sensitive or unauthorized data such as intellectual property, customer information and financial statements.

A deep-dive content analysis is required, not just antivirus filtering. Unknown files should be automatically executed and monitored in a controlled sandbox, so that malicious behavior can be recorded and analyzed.  With Zscaler, for example, malicious objects are automatically blocked in real time where they are quarantined until analyzed, so the very first person who attempts to download a malicious object is fully protected.

Plan, plan and plan again

Whichever security route an enterprise takes to implementing hybrid network requires very careful analysis.  Planning is paramount, regardless of the Internet access architecture when implementing cloud-based web security such as Zscaler or a managed security service such as Orange Zscaler-based Web Protection Suite.

Cloud security tools should be a natural extension of other cloud deployments. Increasing capabilities will further enable enterprises through the digital transformation process by taking advantage of the agility, flexibility and scalability of cloud technologies.

Download our white paper Secure Internet Access via Zscaler in a Hybrid Network – Distributed Gateways: 9 Design Considerations for Cloud-Based Web Security to find out more about hybrid network design and how you can use Zscaler to secure data, while providing users with the access to high-speed internet that is demanded by business today.