Visibility and security are paramount to a network because you can’t have one without the other. As technology develops, and our reliance on internet connectivity grows, new road blocks appear that make visibility harder to achieve. How can CSOs adapt to make sure they’re covering as many blind spots as they can?
Outside the firewall
The modern workforce demands more flexibility than ever before. Between bring your own device (BYOD) policies and mobile workforce policies, it can be difficult to keep an eye on all network traffic to keep your assets safe.
Enter Cisco Umbrella. Umbrella, a Secure Internet Gateway delivered from the cloud, grants visibility across all devices and ports. It also uses its formidable intelligence to prevent devices from connecting to malicious sites, providing extra layers of security against malware — not just on your VPN, but anywhere an endpoint connects to the internet. This is a huge step in providing peace of mind that users are safe outside of the firewall.
It’s also remarkably easy to implement. Since you’re essentially setting up your DNS to forward anything that goes external, you can get up and running with Umbrella in a matter of hours.
Inside the cloud
Agencies are scrambling to meet the requirements of the cloud-first mandate, and security is top of mind. While most clouds are not inherently unsecure, there are risks involved with any major transition. Most agencies also have some data that should be left on-prem. The good news is there are solutions that provide control and visibility around cloud access and usage, which can assist in making the transition as smooth as possible and can help CSOs maintain cloud security once their new infrastructure is in place.
Cloudlock is Cisco’s CASB (Cloud Access Service Broker) solution. Using advanced machine learning, Cloudlock manages what can and can’t be put into the cloud while providing insight into cloud and app usage, making compliance a much easier lift. It also adds an extra layer of data loss prevention by safeguarding against breaches, helping CSOs manage intellectual property, personal records, and other sensitive information.
One differentiator of Cloudlock versus other CASB solutions is the way that it crowdsources intelligence from other Cisco products, sharing the cyber fingerprints for emerging attacks to all subscribers. This helps CSOs adopt a preventative posture instead of a reactive one.
Shining a light on shadow IT
Whether we like it or not, some users are going to continue leveraging unapproved apps within our environments. And while there’s still no silver bullet to protect against shadow IT threats, there are things CSOs can do to provide a good degree of visibility. This is where the integration of Cloudlock and Umbrella differentiate the solution from the rest of the pack.
Cloudlock supports in-app integration with Umbrella, leveraging DNS logs to uncover what apps are being used by your devices. With a powerful dashboard, this integration can provide detailed information on vendors and other app attributes to inform risk analysis. CSOs can then use this information to block app categories they deem too high risk. On the flip side, visibility into shadow IT can inform the hidden needs of your work force, helping to identify future solutions and purchases.
Keeping an eye on the horizon
We’re at a crucial moment when use cases for leveraging the cloud are becoming more widespread, and the need to adapt is stronger than ever. But as technology develops, security is always in tow. Blind spots only exist if you don’t see them. Solutions, such as the Cloudlock and Umbrella examples above, will help you keep an eye on all the right places.
How can we help your agency achieve its mission?
Maximize your IT investments. Learn more about solutions and services from Force 3.