FeatureThe new normal has exponentially grown and amplified businesses’ reliance on cloud-based infrastructure and solutions, scattering enterprise data into what is frequently the unknown. We see enterprises starting to grapple with the complex question of where their data is, and who really has access to it, and how they might audit or track this.
Visibility is therefore becoming the new watchword.
As they do so, they have begun to realise their ability to govern data is limited at best, and they have few processes in place to understand who is accessing what data and from where, and what the actual costs are. Visibility is therefore becoming the new watchword.
Riverbed NetProfiler and AppResponse are both Full Fidelity products that, respectively, capture and retain every flow record and every packet for anomaly detection and forensic analysis. As we are faced with new and evolving threats, we simply do not know today what we will need to be defending from tomorrow, which positions the Riverbed suite strategically for both spotting anomalous patterns of behaviour, as well as allowing for forensics in responding to incidents.
Prohibit the use of the new wave of shadow IT solutions.
Among the most significant security best practices that end users need to follow as they adjust to hybrid workforce and disruptions, accelerated transformation and post pandemic recovery is to prohibit the use of the new wave of shadow IT solutions.
With employees installing free SaaS applications, this can take information flows and sensitive information outside of the CISO’s control.
The new work from home environment has brought some complications and inefficiencies that make it harder to get the job done. With some employees installing free SaaS applications for collaboration, this can take information flows and often sensitive company information outside of the CISO’s control.
Most SaaS applications have a free version for smaller groups of users, and often this is what people are using. While tempting, this modern form of shadow IT entails a substantial data governance risk so the best practice should be to not do it.
[quote font=”tahoma” font_size=”13″ color=”#262626″ bgcolor=”#f9f9f9″ ]
Recommendation for CISOs
• BYOD, unmanaged devices are the future. Enterprise users can be resistive to the use of company-controlled agents. These trends contrast the traditional CISO’s view of the world.
• Policies and controls around data access, tracking and visibility, and data hygiene are going to be crucial in carefully accepting that this trend is happening.
• Options exist that may be outside the normal comfort zone of the CISO.
• Skills acquisition should focus on reducing the cloud footprint, limiting unsanctioned cloud applications, and the monitoring and visibility of cloud assets.
[/quote]
Policies and controls around data access, tracking and visibility, and data hygiene are going to be crucial..
