Industry Insights with Hank Schless

Application Security , Cloud Security , Cybercrime

Cybercriminals Are Targeting Your Cloud Apps

Using CASB to Take Zero Trust to the Next Level
Cybercriminals Are Targeting Your Cloud Apps

The adoption of cloud applications and mobile devices means everyone can now work from anywhere, using devices and networks of their choosing But it also means that even as some of us return to the office, organizations have lost the ability to manage the way employees handle sensitive data.

See Also: Live Webinar | Cyber Resilience: Recovering from a Ransomware Attack

This change has driven many to adopt a Zero Trust framework, which is based on the concept that no device or user can be trusted to access resources until that device or user has been validated to be secure.

As it stands now, however, attackers are taking advantage of a visibility gap to execute more advanced cyberattacks. Organizations need to take Zero Trust to the next level by implementing an advanced cloud access security broker, or CASB, solution that solves many of the challenges presented by the hybrid work environment.

Challenges of Hybrid Work Environment

In order to understand how this is done, it’s important to first understand the challenges that all organizations, regardless of size or industry, are now facing.

  • Cloud reduces visibility and introduces new risk. Cloud infrastructure and SaaS apps have become integral to the way we work. But as employees work from various locations, networks and devices, cloud data goes where it’s needed. This means IT and security teams have lost visibility into how their organization’s sensitive data is being handled once it leaves the infrastructure.

    In order to make sure data isn’t being mishandled, knowingly or unknowingly, every organization should implement data loss prevention, or DLP, policies. This will enable them to automatically classify, protect and encrypt sensitive data and help ensure its integrity.

  • Access can come from anywhere. In addition to the challenge of understanding where data is going and how it’s being handled, there’s also the core issue of access. The hybrid work model and the risks it brings are here to stay as mobile devices and cloud technology continue to evolve.

    Employees now expect to be able to access company data from any device. To keep up with this expectation, most organizations allowed access to the infrastructure from personal and unmanaged devices. This introduced a high volume of risk as these devices haven’t been protected by a security solution and could introduce malware into the infrastructure.

    The right CASB solution will enable your organization to dial in dynamic access policies. Contextual signals such as location, device type and user behavior will ensure that only authorized users have access to sensitive data. This is a key part of stopping attacks before they happen.

  • Attackers are taking advantage of hybrid work. Attackers know that many employees will continue to work outside of the traditional security perimeter. This applies to the networks they’re on and the devices they use. Smartphones, tablets and computers all have similar access capabilities. As employees work from wherever is best for them, they will use a mix of managed and unmanaged devices to access your infrastructure.

    Especially on personal mobile devices, attackers have a myriad of ways to deliver phishing attacks and malicious content. Socially engineered campaigns that target individuals across social, gaming and even dating platforms entice employees to share login credentials or download malicious applications that give attackers a backstage pass to your infrastructure.

    Without visibility into the context under which devices and users access corporate data, many organizations are missing telltale signs of a compromised account, such as anomalous login location or massive file exfiltration. User and entity behavior analytics, or UEBA, is an important part of CASB that will help organizations identify and protect against anomalous behavior that’s indicative of a compromised user or device.

  • Protecting Your Cloud Infrastructure and SaaS Apps With CASB

    To get the most out of their cloud apps and infrastructure without putting data at risk, organizations need to know everything that’s going on and how it’s happening. They also need to be able to detect and respond to threats. Implementing a CASB solution will provide full visibility into the interactions between users, endpoints, cloud apps and data. It also will enable an organization to dynamically dial in Zero Trust access controls.

    The challenges that come with enabling employees for remote work are here to stay, and attackers will only continue to evolve their tactics in response to that. Keeping a step ahead of them by leveraging an advanced CASB solution is one of the most straightforward ways to keep your organization safe and out of the headlines.

    Learn more about Lookout CASB here. For a real-world example of why CASB is a necessity, read our blog on the EA Games data breach.

About the Author

Hank Schless

Hank Schless

Sr. Manager of Security Solutions and host of the "Endpoint Enigma" podcast, Lookout

After working for fintech and database technology companies, Schless has found a home in cybersecurity. Before Lookout, he was the 20th employee at a cloud infrastructure security startup and helped the company grow to over 160 employees. At Lookout, he is a senior manager on the security solutions team, enabling internal teams and informing the market about the growing need to secure mobile devices as part of their larger security strategy.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.