Cloud Security

Cloud Security Posture Management (CSPM)

Proactively identify and remediate cloud security risks by concentrating on security assessments and compliance monitoring, primarily across Infrastructure-as-a-Service (IaaS) and Platform-as-a-Service (IaaS) stacks.

CSPM solutions provide consistent controls and automated remediation across cloud providers and help keep configurations secure in a shared-responsibility security model. CSPM providers can also help with auditing regulatory requirements such as SOC2, PCI, GDPR, CCPA and others. CSPM typically uses API calls to proactively monitor for risks and security automation.

Cloud Access Security Broker (CASB)

Close security gaps across cloud platforms with a central location for policy and governance as well as granular visibility into and control over user activities and sensitive data. Protect data wherever it is stored. CASB capabilities are delivered primarily as a SaaS application, occasionally accompanied by an on-premises virtual or physical appliance where adherence with certain regulatory requirements or data sovereignty rules apply.

Secure Access Service Edge (SASE)

SASE, pronounced “sassy,” is the newest conceptual development in security. Coined by Gartner in August 2019, SASE is the convergence of multiple security and networking technologies into a unified, global cloud-native service. While still in its infancy, Gartner predicts 40 percent of companies will seek to implement SASE by 2024.

SASE combines SD-WAN capabilities with network security functions like Firewall as-a-Service (FWaaS), CASB, secure web gateway (SWG), and zero trust network access (ZTNA) that are delivered as a single cloud-based service (aaS). It is meant to provide real-time, dynamic secure access across organizations with permissions based on identity, context and security/compliance policies.

Additional As-A-Service Models (SOCaaS, DRaaS, BaaS)

Due to the complicated and persistent nature of cyberthreats today, many businesses are offloading security operations to firms offering Security Operations Center (SOC) services. These companies proactively monitor for, prevent, and respond to threats around the clock all year long – something for which many organizations just can’t staff. They can monitor and defend on-premises or cloud-based infrastructure/data and are an excellent resource for regulated industries that need to adhere to strict compliance frameworks. SOC/SOCaaS firms must pass rigorous security audits and understand the nature of these regulations. They help customers identify security gaps, can validate compliance and control processes, and supply proof to auditors that an organization is mitigating vulnerabilities and meeting standards.

Where SOC/SOCaaS firms protect information and assets maintained on infrastructure controlled by their clients — either on-premises or in the cloud — other cloud services firms enhance client security by acting as a safe repository for critical information.

Disaster Recovery as a Service (DRaaS) and Backup as a Service (BaaS) platforms allow organizations to adhere to tight recovery point and recovery time objectives (RPOs and RTOs). Companies leveraging these services can quickly restore data and resume operations in the event of unplanned downtime (most often caused by human error, cybercrime, or natural disasters). For businesses with a very low tolerance for downtime, leveraging DRaaS and/or BaaS from a global cloud service provider is an incredibly attractive option.