Where to Find Great Cloud Security Tools
Everyone wants to protect cloud-based operations. While some such operations will have protective measures built in, not all of these will, particularly for those managing their own cloud systems. Some cloud tools will even work to protect against things like shadow IT, where employees run their own IT operations without sanction or formal network inclusion. Computer Business Review recently took a look at some of the best tools around for cyber security.
One such tool is Skyhigh for Shadow IT, a tool that can discover and note all cloud services operating, whether software-as-a-service (SaaS) or most any other breed of -as-a-service. Statistics show upload and download volumes as well as numbers accessing the service, showing sanctioned IT just what's being used and what potentially should be brought into the fold. CipherCloud, meanwhile, offers its Trust Platform as a cloud access security broker (CASB) to show just where data is going and what's being used. It also comes with encryption and tokenization systems to help drive better security, and it can work well with several major file sharing applications for added value.
Boxcryptor works as a “cryptographic virtual hard disk,” allowing users to store data, encrypted, in certain key platforms like Dropbox folders or SkyDrive directories. The files in question can be encrypted before uploading to the cloud, allowing a better level of protection than just perimeter defense alone. It works with several platforms, from major mobiles iOS and Android to corporate standards Windows and Mac OS X.
Zscaler works as a cloud firewall system, inspecting traffic for malicious behavior before it reaches the cloud, proving a more thorough security measure than some of the standards that only use customer logs to watch for cloud app use taking place without official sanction. Finally, there's Centrify, which uses its Centrify Identity Platform to focus on identity management, offering a perimeter defense tool that works especially well for a mobile workforce.
What's great about this toolset is that it covers so much at once. It's got perimeter defense to work to keep the wrong people out and let the right ones in, it's got encryption to protect data when something goes wrong, and it even works to prevent some level of “inside job” operations by restricting shadow IT operations. It also allows companies to better offer tools that employees are using—if there's a lot of shadow IT, usually there's a flaw somewhere in the standard offering, be it a poor-quality tool or no tool at all offered—and helps improve the experience for everyone.
There's no shortage of tools out there to help make a company's operations more secure, and there's also no shortage of those who want to take advantage of lapses in security. Protecting a business is vital to its continued operation, so failing to consider the available tools is a data disaster waiting to happen.
Edited by Rory J. Thompson