Moving to the Cloud Has Required a Change in Security Strategy
Following the rapid move to the cloud during the pandemic, Weiss said, it’s been necessary to take a step back and ensure visibility. “But as you evolve everything to the cloud very quickly, mistakes can be made. So, now we're looking at taking that shift and making sure that risk is reduced,” he said.
“When we look at risk, the runtime in cloud is second to none,” Weiss said. “So, we look at things like having tools in place to minimize exposure for things like multifactor authentication to those controls, new technologies for things like CASB and cloud data loss prevention.”
“We look at things like SASE for risk mitigation. There’s user profile SASE, and there’s also data-centric SASE. Bringing those two together really allows us to minimize risk for customers as they’re evolving to the cloud and leveraging existing technologies that they have in place today,” Weiss explained.
Weiss offered some examples of the existing technologies that could be leveraged, including “SD-WAN, particularly for cloud, which allows us to leverage an existing firewall investment and give users remote access and then content access to data streams that are in the cloud as well."
Physical Security Has Been Added to the List of IT Responsibilities
As companies consider a return to the office, IT is finding itself taking on some concerns around physical security in addition to its role in cybersecurity.
“Traditional physical security we would think of door access, badge access, cameras, etc. Those are still very important in that space, but often, they were on their own networks,” Weiss explained.
“A closed-circuit television, for example, that would use a hard drive or even tape, back in the day, to record entry systems. Converging these two together into IT, we’ve seen that now we have more IP addresses because it’s using network bandwidth. The cameras actually are our conservative part of IoT. They’ll be using local storage within a data center or to the cloud. To be more efficient in that space, we’re looking at some best practices today and building out things like network segmentation. I want my physical security to be segmented away from my traditional infrastructure within IT, so that way it doesn’t take any bandwidth, doesn't take away any access to resources that our users still need to get access to on a day-in, day-out basis.”
Multifactor authentication is another tool being used to boost physical security. It allows a company to determine whether an employee is logging in on-premises or remotely. That information can help to determine the capacity of physical spaces in a building and to limit access, if necessary.
Register below for an upcoming CDW Tech Talk, held Tuesdays at 1 p.m., to hear from IT experts live.