Businessman sits in leather armchair in front of concrete wall and reads on his tablet

Cloud security must be a part of the company's DNA

SaaS offers companies flexible cloud services, but it comes with risks: loss of data, exposure of user identities, and non-fulfillment of compliance guidelines

Risk of shadow IT and cloud access

The fear of unauthorized data access or data loss in cloud computing continues to be a stumbling block for the majority of companies, according to KPMG Cloud Monitor 2019. Even if security and data protection are to play a significant role in the choice of a provider, companies neglect to sufficiently secure access to cloud services.

When it comes to the subject of cloud security, cloud providers and cloud users must uncompromisingly pull together and work with one another. After all, both have a goal and each has an awful lot to lose: for the cloud users it is their likely critical data, and for the cloud providers it's their reputation and, ultimately, their business.

Cloud Monitor 2019, KPMG and bitkom research

Cloud security starts with visibility

Businessman sits in meeting room looking at a tablet in his hand

According to the study “Unternehmens-IT: Immer mehr Auslagerungen oder alles retour” (Company IT: more and more outsourcing or everything reverts back) by the management consultancy firm Axxcon, companies are increasingly losing sight of which cloud services they are having implemented. More than half of the managing directors, CIOs, IT managers, and security personnel questioned for the study assume that employees in their company use decentralized procured services. Around 30 percent even believe that it concerns more than ten different applications.

From the point of view of the users, there are good reasons for this. Many cloud apps (Software as a Service – SaaS) are practical and lead to fast results. Register, log on, invite colleagues from the department, and you are ready to go. This is a quick way to bypass compliance checks, data protection approval processes, and long waiting times. SaaS offers a wide range of services that are interesting for all company departments: from Production and Materials Management, to Accounting, Personnel, Sales, and Marketing and Media Relations.

Security and cloud computing

54%

of public cloud users confirm an increase in data security since introducing the public cloud.

31%

of public cloud users implement the public cloud for virtually all, or at least the majority of, their critical applications and workflows.

35%

of public cloud users report difficulties with the implementation of their security requirements.

Only 48%

of companies check the unauthorized use of public cloud services in specialist departments and teams.
Cloud Monitor 2019, KPMG and bitkom research

We look forward to your project!

We are happy to provide you with the right experts and to answer your questions about planning, implementation, and maintenance for your digitalization plans. Get in touch!

Protecting SaaS services

Man sits concentrated at the computer and holds pen end to his mouth

However, the uncontrolled growth of various cloud and software as a service technologies carries risks. This is why you should monitor and protect every SaaS service used in the company, even official ones such as Office 365. The challenge here is that neither the data nor the services themselves are under the control of the company itself.

The service Cloud Protect Pro detects and visualizes shadow IT, protects access to cloud applications, and classifies and regulates uploading, sharing, and downloading of data in the cloud (e.g. Office 365, SalesForce, Slack). The offer consists of a cloud access security broker (CASB). This platform recognizes cloud services in the company, regulates them, and protects them against misuse.

The service evaluates the risk associated with the cloud services, regulates the access through monitoring and inspection of data flows as well as classification and risk assessment of data. It also detects and prevents the misuse of usernames in cloud services by analyzing the user behavior and detecting deviations caused by malicious users or malware. Only then can all employees access the data smoothly and safely and work in the cloud under supervision. On request, security experts support the integration and operations.

Digital ecosystem

Future-proofing a company requires four building blocks: connectivity, cloud and infrastructure, security, and digitalization. Secure your network and protect data traffic to and from the cloud with a Secure Web Gateway.

To our strategy