Does your Next-gen SWG provide Next-Gen Availability?

By on Jun 02, 2020

Few organizations were completely prepared to support everyone working off-premises as pandemic-induced stay-in-place orders were imposed across the world. This has spurred many IT organizations to expand their cloud usage—shifting how they manage remote access and protect business critical data and infrastructure. This necessary change has exposed flaws in data-center-focused cyber defenses. Now, for many organizations, the next step is a deeper dive into the new cloud-native security paradigm.

No doubt, information security is only one of many professions tasked with making strategic or procedural shifts in response to the pandemic. Keeping remote workers productive, data secured, and endpoints protected from ransomware —may seem a bit overwhelming at times. Yet, these changes mark a progression toward a very flexible architecture.

Looking ahead, what are the performance and architectural paradigm shift being considered that we will prize several years from now? Consider these three factors:

1. Scalability

Organizations are taking a second look at how they use VPNs, which were never designed to handle a high density of remote workers. Backhauling network traffic through data centers exacts a productivity hit, because it hampers latency and strains networks to the breaking point. Now, 80 percent of remote workers are interacting directly with cloud services, rather than routing traffic through data centers and security appliances. McAfee’s Next-Gen Cloud Secure Web Gateways (SWGs) was designed ground up with a cloud-native architecture and is able to provide the cloud-scale that is required as your remote workforce mushrooms as opposed to SWGs that are simply hosted in a cloud.

2. Reliability

An effective cloud-native security approach demands low latency and high availability. And yes, the widespread shift to cloud services has load-tested cloud secure web gateways. We estimate that industry-wide, cloud security services have experienced load increases ranging from 200% to 700% in recent months. How have our cloud secure web gateways performed during this surge in demand? While others experienced more downtime, we recorded the highly coveted nearly five nines 99.999% uptime in the past three months.

3. Efficacy and Usability

We must change how we secure remote workers while enabling productivity without hampering usability. Organizations that find themselves stuck with a jumble of cloud-enabled (aka cloud-hosted) —rather than cloud-native secure web gateways products cannot take a consistent or effective approach to securing data as it shifts between mobile devices, networks, and the cloud. They are also unable to protect endpoints (both managed and especially unmanaged) from emerging malware like ransomware or phishing attacks fast enough. In these organizations, there’s no unified access controls, causing even more headaches for security teams at exactly the wrong time.

Fortunately, some hurdles can be avoided. Let’s examine a cloud-native, unified security solution that can oversee, and thrive in, cloud, on-premises, and hybrid environments.

Countering Cloud Threats

Now, as organizations ramp up cloud security, they may experience challenges such as:

  • Enabling cloud workspaces to increase productivity while simultaneously securing sensitive data and defending against threats
  • Shifting data to the cloud while managing the associated higher complexity and data protection costs
  • Increasing cloud access from mobile devices while ensuring data compliance.

Blame it on the pandemic, but many businesses are adopting cloud services faster than they can secure them. Only 36% companies can enforce data loss prevention rules in the cloud. Sixty percent currently have no way to stop a personal, unsecured mobile device from downloading sensitive data from the cloud, completely invisible to IT.

Once an organization becomes highly reliant upon cloud services, it becomes more susceptible to cloud-native threats such as phishing attacks and various forms of malware. This is an acute issue when 83% of companies store sensitive data in the cloud (according to our 2019 study).

In response, many organizations apply on-premises security tools that were not designed to address the unique challenges of cloud-native threats. This can result in coverage gaps for users, devices, data and cloud environments, too. And gaps sprout data leaks, which can lead to financial, reputational, IP loss, and compliance exposure such as GDPR or PCI fines.

Flying blind is a common cloud management challenge, but effective cloud security requires visibility, control and closed loop remediation. Establishing a complete view into your cloud usage and cloud data, you can begin to mitigate risk by implementing access controls, data protection, and threat prevention measures to your cloud services.

Live Webinar

Top Use Cases for a Next-Gen Secure Web Gateway

Thursday, July 16, 2020
10am PT | 12pm CT | 1pm ET

Register Now

Enter MVISION Unified Cloud Edge (UCE)

Consistent policy implementations become a key success factor when managing data and devices beyond your firewall. Only 30% of companies today can protect data with the same policies on their devices, network, and in the cloud. McAfee MVISION UCE architecture establishes visibility and control of data from device to cloud—all in one dashboard. The cloud-native approach helps reduce TCO, offers architectural simplicity with better performance and bandwidth, and reduces MPLS costs.

MVISION UCE combines a Cloud Secure Web Gateway (SWG) with Browser Isolation; a Cloud Access Security Broker (CASB); and Data Loss Prevention (DLP) capabilities to define next generation of cloud security gateway based on cloud native architecture. By converging these four core technologies into one solution, we enable Organizations to implement a simplified Secure Access Service Edge (SASE) architecture which delivers:

  • Comprehensive visibility and consistent controls over data from device to cloud
  • Consistent threat protection with unified management, and investigations.
  • Direct-to-Cloud architecture with enterprise scale and resilience.

While some may argue that cloud-based architectures were simply inevitable, many IT teams are still grappling with how best to support remote workers and implement cloud-based security. A cloud native approach, such as MVISION UCE, will safely enable cloud workspaces, reducing the risk of breaches, rogue employees or malware.

Register for our webinar to learn more about McAfee’s Next-Gen Cloud SWG, MVISION UCE and how to implement SASE.

About the Author

Shishir Singh

Shishir Singh is the Senior Vice President of Engineering for Network, Web and Data Protection at McAfee, LLC. He is currently responsible for research and development of industry leading products, such as Network Security Platform (IPS), Web Gateway, Web SaaS, vNSP for IaaS, and Data Protection for End Point and Network. These products are offered ...

Read more posts from Shishir Singh

Leave a Reply

Your email address will not be published. Required fields are marked *

Subscribe to McAfee Securing Tomorrow Blogs