Organisations have adopted the use of cloud technologies at an astounding rate. This adoption spans the use of SaaS platforms by users as well as the movement of traditional on-premises applications and infrastructure to the cloud. dotnext has a comprehensive portfolio of cloud security solutions to assist organisations in maintaining visibility and security controls of their data and applications while aligning to business drivers for cloud adoption.
The traditional web proxy used by many organisations to facilitate safe and controlled internet access has evolved, as users have embraced a work from anywhere culture. A Secure Web gateway provided as a SaaS platform, provides the same traditional controls such as web filtering, malware protection and now even includes DLP (data loss prevention capabilities) This is provided from a cloud platform, which means policies are enforced irrespective of where a user connects to the internet from.
Zero Trust Network Access (ZTNA) is the evolution of VPN for the modern workforce.
ZTNA seamlessly connects authenticated users anywhere, using any devices to private resources in data centers and public cloud environments. This is facilitated transparently to the user, which ensures a secure connection to traditional on-premises applications with less friction to the end-user. Typical use cases include secure DevOps access to cloud resources, securing 3rd party access to infrastructure and augmenting or replacing traditional VPN access requirements.
The adoption of cloud platforms like AWS and Azure has exploded in the last few years. While these platforms provide organisations with extreme flexibility and the ability to scale according to demands, they also require attention to detail with configuration. A small misconfiguration can lead to severe outages or expose sensitive customer data to malicious outsiders. CSPM solutions provide the ability to constantly scan these cloud platforms for deviations from best practice and industry standards like CIS or NIST. This allows organisations to use these cloud platforms while ensuring that they are doing all that is required to secure them from data loss and outages.
The adoption of cloud workloads has necessitated the need to ensure that these workloads (applications) are secured from build through to adoption in production. CWPP platforms constantly evaluate the vulnerabilities and security of workloads as they move through the development phase, through to deployment. CWPP’s also monitor deployed running environments to ensure that they conform to their original intent and secured state. Ultimately CWPP’s are intended to ensure that rapidly changing applications and workloads are secured and stay secure throughout their life cycle.
Recently Gartner added the acronym CNAPP to their list of cloud security definitions. In short CNAPP refers to an integrated set of security and compliance capabilities designed to help secure and protect cloud native applications across development and production. CNAPP combines several technologies and capabilities like CSPM and CWPP but includes capabilities like Infrastructure as Code (IAC) scanning, as well as integration into development pipelines. This allows organisations to “Shift Left” with their Dev Sec Ops lifecycles. In short CNAPP’s aim to assist organisations to gain full visibility of security of their applications in cloud from development to run-time in production. CNAPP’s also aim to react to security threats when they occur in order to ensure that applications align to business operational requirements.
CASB technologies intend to extend the traditional on-premises data protection capabilities like Data Loss Prevention (DLP) into cloud platforms.
This enables an organisation to enforce policies related to what type of data users can upload / download to SaaS platforms like Dropbox, OneDrive etc, at a granular level.
CASB technologies provide full visibility into the use of sanctioned cloud applications and “Shadow IT”, to provide the necessary controls to ensure that only allowed platforms are used and that sensitive data is not exposed / leaked via these platforms.
If you have any questions and wish to speak with a representative regarding sales or technical support, please complete the form on the next page and a representative will be in touch.