White Paper. What the ideal cloud-based web security service should provide. the tools and services to look for



Similar documents
White Paper. Architecting the security of the next-generation data center. why security needs to be a key component early in the design phase

White Paper. Getting ahead in the cloud. the need for better identity and access controls

INTRODUCING isheriff CLOUD SECURITY

Symantec Protection Suite Add-On for Hosted and Web Security

Endpoint Protection Small Business Edition 2013?

Putting Web Threat Protection and Content Filtering in the Cloud

MANAGEMENT SOLUTIONS SAFEGUARD BUSINESS CONTINUITY AND PRODUCTIVITY WITH MIMECAST

SYMANTEC ENDPOINT PROTECTION SMALL BUSINESS EDITION

Extending Threat Protection and Control to Mobile Workers with Cloud-Based Security Services > White Paper

EXTENDING THREAT PROTECTION AND CONTROL TO MOBILE WORKERS

Symantec Protection Suite Small Business Edition A simple, effective and affordable solution designed for small businesses

Secure Your Mobile Workplace

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS

THREE KEYS TO COST-EFFECTIVE SECURITY FOR YOUR SMALL BUSINESS

Secure Web Gateways Buyer s Guide >

Building a Business Case:

A Websense White Paper Implementing Best Practices for Web 2.0 Security with the Websense Web Security Gateway

AVeS Cloud Security powered by SYMANTEC TM

IBM Endpoint Manager for Core Protection

Symantec Messaging Gateway 10.6

Technology Blueprint. Protect Your Servers. Guard the data and availability that enable business-critical communications

Cyber Essentials Scheme

Cisco Cloud Web Security Datasheet

Intelligent, Scalable Web Security

InDetail. SolarWinds Log & Event Manager. a full-functioned, yet affordable, SIEM

Endpoint protection for physical and virtual desktops

OVERVIEW. Enterprise Security Solutions

When your users take devices outside the corporate environment, these web security policies and defenses within your network no longer work.

Symantec Messaging Gateway 10.5

Types of cyber-attacks. And how to prevent them

Cisco ASA and Cloud Web Security: Best-in-Class Network Security Combined with Best-in-Class Web Security

How To Secure Your Employees Online With Zscaler.Com And Your Website From Being Infected With Spyware Or Malware

I D C T E C H N O L O G Y S P O T L I G H T. S e r ve r S e c u rity: N o t W h a t It U s e d t o Be!

How To Support Bring Your Own Device (Byod)

WEBSENSE TRITON SOLUTIONS

Seven Requirements for Hybrid Web Delivery Getting the best of both on-premises and SaaS

Symantec Cyber Threat Analysis Program Program Overview. Symantec Cyber Threat Analysis Program Team

Protecting Your Roaming Workforce With Cloud-Based Security

DOBUS And SBL Cloud Services Brochure

WHAT ARE THE BENEFITS OF OUTSOURCING NETWORK SECURITY?

Stop advanced targeted attacks, identify high risk users and control Insider Threats

Netsweeper Whitepaper

Websense Web Security Solutions. Websense Web Security Gateway Websense Web Security Websense Web Filter Websense Express Websense Hosted Web Security

overview Enterprise Security Solutions

McAfee Global Threat Intelligence File Reputation Service. Best Practices Guide for McAfee VirusScan Enterprise Software

Protecting Your Network Against Risky SSL Traffic ABSTRACT

Payment Card Industry Data Security Standard

SECURITY OVERVIEW FOR MY.ENDNOTE.COM. In line with commercial industry standards, Thomson Reuters employs a dedicated security team to protect our

What Do You Mean My Cloud Data Isn t Secure?

Compliance in 5 Steps

Improving Business Outcomes: Plug in to Security As A Service Adrian Covich

Small businesses: What you need to know about cyber security

Supporting voice and business-critical applications across multiple sites

External Supplier Control Requirements

PATCH MANAGEMENT. February The Government of the Hong Kong Special Administrative Region

Advantages of Managed Security Services

A guide to enterprise mobile device management.

Big Tips and Ideas for Small to Mid-size Businesses

Symantec Protection Suite Enterprise Edition for Servers Complete and high performance protection where you need it

Emerging threats for the healthcare industry: The BYOD. By Luca Sambucci

Top 10 Reasons Enterprises are Moving Security to the Cloud

2012 Endpoint Security Best Practices Survey

The Cost Benefits of a Hybrid Approach to Security

Websense Web Security Solutions. Websense Web Security Gateway Websense Web Security Websense Web Filter Websense Hosted Web Security

Is online backup right for your business? Eight reasons to consider protecting your data with a hybrid backup solution

The Advantages of Security as a Service versus On-Premise Security

Cisco Cloud Web Security Key Functionality [NOTE: Place caption above figure.]

Endpoint protection for physical and virtual desktops

Converged Private Networks. Supporting voice and business-critical applications across multiple sites

Lab Testing Summary Report

INSTANT MESSAGING SECURITY

Protect the data that drives our customers business. Data Security. Imperva s mission is simple:

Protect your internal users on the Internet with Secure Web Gateway. Richard Bible EMEA Security Solution Architect

IBM Managed Security Services (Cloud Computing) hosted and Web security - express managed Web security

Managing Web Security in an Increasingly Challenging Threat Landscape

Firewall and UTM Solutions Guide

Technical Product Overview. Employing cloud-based technologies to address security risks to endpoint systems

White Paper. Lower your risk with application data migration. next steps with Informatica

Transcription:

White Paper What the ideal cloud-based web security service should provide A White Paper by Bloor Research Author : Fran Howarth Publish date : February 2010

The components required of an effective web security solution are many and varied, including a range of tools that guard against specific types of threats Fran Howarth This document is sponsored by

What the ideal cloud-based web security service should provide Executive summary In order to protect against the web-borne threats being seen today, any web security solution chosen should encompass a range of technology tools, backed up with business process automation capabilities. In short, it should encompass both tools and services. Of particular importance is that the terms of the agreement are clear to all, detailed in a service level agreement that defines what level of service is guaranteed and the penalties and sanctions to be applied if service levels are not met. The provision of reporting tools is of equal importance, so that organisations can gauge the effectiveness of the service and can prove that controls are working through auditing. This paper is the third in a series of four papers that examine the realities of web threats and looks at the promise that cloud-based solutions bring for organisations in terms of providing a higher level of protection against the increasingly complex and sophisticated threats being seen today. The previous papers explored the nature of threats and what the drivers are for embracing cloud-based services, and the fourth paper in the series will look at the benefits that are available from using protection services based in the cloud. As malware threats continue to rise, this series of papers is intended to be read by organisations in any industry that are trying to stem the tide of increasingly malicious webborne threats. Fast facts The ideal system should provide tools for guarding against all threats emanating from the web not just those already known, for which countermeasures are available, but also for previously unseen, zero day threats, for which effective mitigation needs to be developed and distributed to all customers automatically. The system should also support policies in force in a particular organisation and, in particular, acceptable internet use policies, to limit or block access to particular categories of website, as required. When considering a solution, organisations should also consider the financial viability of the service provider and check existing customer references to gauge levels of satisfaction with the service offered. The bottom line The components required of an effective web security solution are many and varied, including a range of tools that guard against specific types of threats. Of particular importance is that new threats can be mitigated through the use of advanced detection techniques so that countermeasures can quickly be developed and automatically deployed to all customers. This is something that is far easier to do with a solution based in the cloud than one deployed as software on every device needing protection, with all the associated set up and management headaches, since protection can be applied at the point where the threats are most likely to originate in the cloud. This document provides an outline of the main components of a cloud-based web security solution that will give organisations the assurance that they need that the threats are effectively under control. A Bloor White Paper 1 2010 Bloor Research

What the ideal cloud-based web security service should provide What the ideal cloud-based web security service should provide Taken as a whole, the purpose of implementing web security tools is to be able to protect the organisation from threats, boost data security and regulatory compliance efforts, and to enable the business through improved productivity for all, including mobile workers. To be effective, a web security service provided in the cloud should provide the means to stop viruses and other malware reaching an organisation, protect against phishing attacks and data loss, and prevent any other web-based threats from reaching the corporate network by filtering out malicious websites. It should be capable of protecting any device from webbased exploits whether the device is within the confines of HQ, or is accessing the network remotely. It must be capable of identifying users and authenticating them against permissions set in corporate directories in order to be able to enforce acceptable internet use policies. The following services should be provided as part of any web security services package: Anti-malware, anti-spyware and phishing controls: for protecting against such threats, organisations should look for tools that provide protection beyond signatures that have been written to protect against known malware. Because malware variants are being released so fast, the solution chosen should also offer heuristic filters, which look for patterns commonly associated with malware. This allows for protection against previously unseen variants of malware, or zero day threats, owing to the discovery of certain characteristics that point to the sample being malware. The use of heuristics will also boost the ability of the service to detect phishing attacks by looking for patterns associated with malware, in addition to databases of known compromised sites. Given the increasing prevalence of blended threats using a combination of web and email exploits, organisations should look for a service from a vendor that also offers email security products. Web content and URL filtering: web content and URL filtering enables organisations to protect themselves against malicious content such as malware or spyware embedded in web pages, or material that an organisation deems inappropriate, such as pornography or advertising. An organisation can set access policies according to role, group or individual in the organisation, and can limit access to specific categories of website to create customised URL lists. However, owing to the dynamic nature of the internet, organisations are advised to look for a service provider that keeps its database of malicious, inappropriate or compromised URL lists up to date with regular scans. In order to see what type of traffic is being filtered, the system should be able to provide reports of which users have requested which resources via a management console for audit purposes and to ensure that controls set are working as intended. Acceptable use policies: acceptable use policies are used by organisations to define which users can access which resources and the behaviour that is expected of them. This is particularly important given the expansion in the use of Web 2.0 applications such as blogs, wikis and social networking sites. The term Web 2.0 was coined in 2004 and such applications are proving to be popular with individuals looking for greater interactivity with friends and business contacts. At first, organisations looked to block their use within the work environment, but many are now realising that they too can benefit from greater use of Web 2.0 within their business. For example, most hiring managers will check a potential employee s posting on business networking site LinkedIn at the very least before extending an offer and some are proactively using Web 2.0 technologies to reach new customers and find potential employees. For this reason, many organisations are looking to allow their users access to Web 2.0 applications although many will look to limit their use to a certain time period, such as over lunch, or to specific groups, such as human resources only. Therefore, organisations should look for a service that provides support for the quotas set in acceptable use policies to be enforced by placing limits on time spent online, bandwidth, number of sites accessed, or limiting access to certain applications to particular time periods. Ability to scale as required: given the increasing mobility of today s workforce, any service chosen should provide access directly via an internet browser, without requiring a user to first connect to the corporate network, which is often done with the aid of virtual private network (VPN) technology that needs to be installed on each device by IT administrators. The service should also 2 2010 Bloor Research A Bloor White Paper

What the ideal cloud-based web security service should provide What the ideal cloud-based web security service should provide allow new users to be registered directly via the browser interface through self-service tools so that users can start to use the service quickly when they need it. This will also allow an organisation to scale up usage of the service should a disaster occur or bad weather conditions prevent employees from travelling to work as was seen in early January in the UK owing to heavy snowfall that made travelling impossible for some. In such a scenario, an organisation should be able to instantly request new users are temporarily added to the service to provide secure web access to prevent security incidents that could affect the performance of the business. Vulnerability analysis: a security threat increasingly being seen is that vulnerabilities are increasingly targeting not the actual browser, but the extensions and plug-ins that are made available for the browser. Most users are aware of the need to keep software applications up to date with the latest patches and upgrades, but less attention is generally paid to extensions and plug-ins to browsers, which are growing in popularity, in the main part for the added functionality that they enable for Web 2.0 applications. A useful addition to a web security service is the provision of vulnerability scanning capabilities to look for vulnerabilities in the operating system, applications and browsers on individual devices to report on any vulnerabilities that remain unpatched so that remediation action can be taken. 100% detection of all known viruses and spyware, but should also include penalties that will be applied should service levels fail to be achieved. Since the SLA is such a vital agreement governing the service, including the security controls that the provider puts in place, its importance cannot be overstated. Security provisions that should be considered include background checks and certifications for staff and the service provided, such as SAS 70 standards, and granular access controls to avoid any service representatives being able to access sensitive corporate information. Business continuity services: in order for the provisions of the SLA to be achieved, organisations should look for a service provider that has multiple geographically dispersed data centres that can guarantee failover and redundancy in the case of one data centre being unavailable. The system should use load balancing techniques to route web traffic to the nearest available data centre so that performance latency is minimised in order to maintain a fast browsing experience, which can be further enhanced through use of download acceleration and high-performance proxies. Figure 1 depicts the main elements that should be provided in a web security services suite. Service level agreement: when choosing a web security service, an important aspect to consider is the terms and conditions of the service level agreement (SLA) that governs the service contract. This should not only include guarantees for uptime for the service and for Figure 1: Elements needed in a typical web security services suite A Bloor White Paper 3 2010 Bloor Research

What the ideal cloud-based web security service should provide Summary In today s world of always-on connectivity, organisations can no longer assume that their employees will be behind a desktop accessing the information resources they need. As greater use of increasingly advanced computing devices, including laptops, netbooks and smartphones come into greater use in business, enabling more flexible working practices, technology tools must cater to their need to connect securely to the network from wherever they are, whenever they want to do so. Through the use of web security tools and services provided in the cloud, organisations can not only be sure that they are containing the threats, but that all devices in their organisation can be brought under control. Further Information Further information about this subject is available from http://www.bloorresearch.com/update/1081 4 2010 Bloor Research A Bloor White Paper

Bloor Research overview Bloor Research is one of Europe s leading IT research, analysis and consultancy organisations. We explain how to bring greater Agility to corporate IT systems through the effective governance, management and leverage of Information. We have built a reputation for telling the right story with independent, intelligent, well-articulated communications content and publications on all aspects of the ICT industry. We believe the objective of telling the right story is to: Describe the technology in context to its business value and the other systems and processes it interacts with. Understand how new and innovative technologies fit in with existing ICT investments. Look at the whole market and explain all the solutions available and how they can be more effectively evaluated. About the author Fran Howarth Senior Analyst - Security Fran Howarth specialises in the field of security, primarily information security, but with a keen interest in physical security and how the two are converging. Fran s other main areas of interest are new delivery models, such as cloud computing, information governance, web, network and application security, identity and access management, and encryption. Fran focuses on the business needs for security technologies, looking at the benefits they gain from their use and how organisations can defend themselves against the threats that they face in an ever-changing landscape. For more than 20 years, Fran has worked in an advisory capacity as an analyst, consultant and writer. She writes regularly for a number of publications, including Silicon, Computer Weekly, Computer Reseller News, IT-Analysis and Computing Magazine. Fran is also a regular contributor to Security Management Practices of the Faulkner Information Services division of InfoToday. Filter noise and make it easier to find the additional information or news that supports both investment and implementation. Ensure all our content is available through the most appropriate channel. Founded in 1989, we have spent over two decades distributing research and analysis to IT user and vendor organisations throughout the world via online subscriptions, tailored research services, events and consultancy projects. We are committed to turning our knowledge into business value for you.

Copyright & disclaimer This document is copyright 2010 Bloor Research. No part of this publication may be reproduced by any method whatsoever without the prior consent of Bloor Research. Due to the nature of this material, numerous hardware and software products have been mentioned by name. In the majority, if not all, of the cases, these product names are claimed as trademarks by the companies that manufacture the products. It is not Bloor Research s intent to claim these names or trademarks as our own. Likewise, company logos, graphics or screen shots have been reproduced with the consent of the owner and are subject to that owner s copyright. Whilst every care has been taken in the preparation of this document to ensure that the information is correct, the publishers cannot accept responsibility for any errors or omissions.

2nd Floor, 145 157 St John Street LONDON, EC1V 4PY, United Kingdom Tel: +44 (0)207 043 9750 Fax: +44 (0)207 043 9748 Web: www.bloorresearch.com email: info@bloorresearch.com

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information