Contact Us

|

Careers

|

Change Locale
close

How to Secure the Cloud with Symantec O3

Servers, Storage and Networking | Posted on August 2, 2013 by Jeremy Bandley

A recent blog post by Softchoice security expert Stephen Perciballi outlines the challenges faced by organizations that use third-party services to store their data. He points out that while it’s not unusual for companies to spend thousands, or even millions of dollars securing their corporate data center, a single critical file saved by an employee to a less-than-secure consumer Cloud solution circumvents it all.

IT managers are well aware of this risk and worry about hackers getting hold of user login credentials, and the potential for viruses, Trojans and malware to infiltrate sensitive corporate information. In the worst-case scenario, these propagate right up to the server level in a DDoS attack – to bring it all down.

The fact is users enjoy the collaboration and productivity third-party Cloud SaaS apps provide. And all they need is a credit card to access an app like Yammer from the office, cottage, or coffee shop. This puts IT Managers in a bit of a quandary. Do they take the unpopular but safe approach and block Cloud SaaS apps altogether? And is that even possible? Or, do they accept these changing times – and a changing workforce – and work with users to make access to third party Cloud SaaS apps secure?

There are several basic questions you must ask of any third-party that has access to your corporate data in this way, including:

  • Who has access to their environment?
  • Where is the environment being stored?
  • What is the change control around it?
  • Are SSL and HTTPS protocols (data encryption) going to be satisfactory for data security requirements/regulations?
  • What level of ISO certification does the provider have?

For example, ISO 27001 certification demonstrates and ensures security best practices and a managed approach to business information protection including risk, governance and compliance. We strongly recommend that third-party cloud providers that you deal with are ISO certified — you can validate their certification with ISO.

Once you understand the security measures each SaaS provider has put in place, you can decide whether you need to implement additional measures of your own. For example, perhaps you’re satisfied with the SaaS’ security protocols, but their data encryption practices aren’t secure enough for your needs. If so, there are technologies that offer protection for users and data flowing through third-party SaaS applications that align data encryption to your standards.

Symantec O3 for example, supports most public cloud applications, giving you complete visibility and control over the what, who and how of information movement. It is particularly ideal for situations where data is highly sensitive, such as financial or healthcare information when security is a top priority.

Key Benefits of Symantec O3

  • Helps organizations manage risk while taking advantage of business agility and cost advantages of the cloud
  • Improves security while preserving simple and convenient SSO access for all users
  • Mobile-aware architecture eliminates “side-door” access and protects data downloaded on mobile devices
  • Provides out-of-box support for existing identity infrastructure and applications
  • Simplifies and lowers the cost for cloud compliance audits and forensics

The bottom line
In today’s workplaces, users want access to apps. And third-party cloud apps are attractive to employees. So rather than fight what is arguably a losing battle, it’s far better to get ahead of the trend. Familiarize yourself with the apps at play, and assess the risks and challenges each delivers, and then take the necessary action to make them safe.

Do you think the days of IT being a department that implement controls, are gone? Let us know in the comments and one of our security experts will get back to you.

Related Articles

Cloud | November 28, 2019 by Ryan Demelo

Among the biggest obstacles to IT resilience is the “data dilemma.”  That data has become “the new oil” is a well-worn cliché by now. But clichés earn that status because they originate in the truth. And it’s true that today, data drives the decision-making that moves businesses forward. Protecting it is more important than ever. […]

Cloud | November 27, 2019 by Ryan Demelo

When your system goes down, it’s a disaster – plain and simple.   Whether it’s a ransomware attack that’s shut users out of their email or a software glitch that’s knocked over an e-commerce portal, end users don’t care about the cause of an outage.   They expect the systems they rely on to be “always-on.” 

Cloud | November 14, 2019 by Ryan Demelo

Protect the data and applications critical to your business.   Data has a significant impact on the way we do business, enabling innovation, defining how we engage our customers and expand our ability to generate revenue. With IDC forecasting that by 2025 the global data sphere will grow to 175 Billion Terabytes of information, businesses will need to be more strategic and efficient in the way they manage – and protect – their data.  The increase in global cyberattacks is a […]