Cloud security is many things. It can secure your mobile workers and remote offices. It can reach into your Office 365 and SaaS cloud apps to monitor user behaviors and analyze content for potential compliance issues. It can filter your email to keep you free from spam and protect you from threats. It can host your endpoint security console. Cloud security can do all this and more – But it’s not easy.
Cloud security has grown up in narrow segments focused on different subsets of cloud security issues, including CASB, access security, email security, solutions for AWS and Azure, and endpoint protection managed in the cloud. But, as the segments grow, vendors are asked to build extremely advanced capabilities in very complex areas like data security, threat protection, and encryption. When robust enterprise requirements are handed to startup vendors in new spaces, you have three big problems:
- Minimally viable products that don’t serve the need of an enterprise;
- Lack of integration across different cloud segments, and;
- Lack of integration with the enterprise’s existing security infrastructure.
The result? Customers stitch together a patchwork of vendors and minimally viable services in critical security areas. They ask their startup access security vendor for CASB security, but are told to buy it across the street. Then, they realize that each startup has its own home-grown approach to threat protection and its own DLP. It’s hard to tell if it’s any good, but it sure doesn’t work together – or with their email security or endpoint technology. It’s almost impossible to purchase, deploy, and effectively operate. It leaves them exposed as they try to embrace the cloud. But that confused state does not need to stand.
Symantec Cloud Security Platform
Symantec has driven to fulfill a security vision for the Cloud Generation. In a world of fragmented security infrastructure, Symantec is focused on unifying cloud and traditional on-prem environments, to integrate critical security and compliance services to protect users and organizational data everywhere. Even extending beyond our own capabilities through a robust, open platform and partnerships.
Symantec has acquired aggressively to add best in class technologies for Web and Internet Access Security, CASB and email. We’ve driven integration ruthlessly – focusing on streamlining the deployment and operation of our services, driving market leading DLP across all cloud properties, deploying advanced threat protection in all cloud segments, and integrating the collective intelligence across all those segments with our Global Intelligence Threat Network. We’ve simplified the extension of your security and compliance policies to the cloud. And we’re driving innovation for beyond tomorrow. Here are just a couple highlights of recent releases.
Securing Users and Data Beyond Traditional Borders
- New Integration of Symantec DLP into our Web Security Services. Now one DLP policy extends across cloud-delivered email security, CASB security, Web/Internet Access Security, as well as on-premise DLP.
- New Malware Analysis Advanced Services on Web Security Service (Dec ‘16). Completes the deployment of advanced threat detection technologies within each cloud segment, tied together by our Global Intelligence Network and the largest civilian threat research team in the world.
Securing Public Cloud Infrastructure and Platform as a Service (IaaS and PaaS)
- New Cloud Workload Protection to Secure Containers and Workloads in MSFT Azure and Amazon Web Services. Monitors application workloads and processes to protect applications from unknown exploits and prevents unsanctioned application deployments.
- Newly Available ProxySG and Web Application Firewall on AWS. Delivers critical protections for web applications on public cloud infrastructure. The innovative approach enables activity policy enforcement and efficient operations to overcome the failures of the WAF industry due to complexity.
- New CASB Securlet for MSFT Azure PaaS (already available for AWS). Provides detailed user activity logging, account breach detection, automated incident response actions and investigation tools to navigate incidents.