Key security solutions like secure web gateways (SWGs) are crucial for organisations to overcome the challenges associated with today’s workforce. Anurag Kahol, Founder and CTO at Bitglass, discusses the benefits of using secure web gateways and the factors that should be considered when selecting a modern SWG solution.
The second quarter of 2021 marks a full year of remote work for many organisations, highlighting how the COVID-19 pandemic has accelerated transformation globally and changed the future of work – likely permanently. According to a recent survey, 81% of employees want to continue remote work even after the pandemic, with many reporting improved productivity while working from home.
However, to thrive in a distributed work environment, organisations will need to ensure that security is modernised to appropriately support today’s operational realities. That means making certain that security solutions like secure web gateways (SWGs) can overcome the challenges created by today’s workforces.
SWGs explained
From protecting users against web-based security threats to enforcing company secure and acceptable use policies, SWGs have played a critical role in enterprise security for almost two decades now. During this time, SWGs evolved beyond their first use case, URL filtering, to take on other more advanced capabilities as the environment in which SWGs are used has evolved.
Instead of a primarily stationary user base working within fixed perimeters tied to data-centre hosted resources, today’s modern workforce is both mobile and widely distributed and uses varied technologies and devices. Unfortunately, legacy SWG solutions are no longer able to adapt easily to today’s cloud-centric work patterns and norms.
When selecting a modern SWG solution, here are six important questions you should be asking yourself:
- Is this the right architecture for our needs?
When evaluating which SWG will be most capable of supporting the realities of cloud-centric remote work, architecture is the most important thing to think about. Today’s workforce expects highly available solutions with low latency, regardless of location. This is particularly essential for employees using residential Internet.
Any solution that adds additional latency through on-premises appliances, traffic backhauling to cloud proxies, or additional network hops are not scalable in modern business environments. To be effective, a modern SWG should be installed at the Edge, directly on end-users’ devices. This ensures both enhanced security performance and a better user experience and will support a trio of top benefits: user productivity, Business Continuity and security.
- Am I going to get real-time threat protection?
The Internet is full of malicious threats that can compromise enterprise security. While standard SWGs may feature URL filtering to block unsafe or unproductive destinations, this capability alone is not enough to completely defend against malware as users can easily become infected in trusted destinations; for example, opening an infected email sent to a personal Yahoo account or downloading an infected file from a partner’s Dropbox.
With the majority of the workforce now operating beyond the protection of corporate firewalls and new cyberattacks being reported on a daily basis, SWGs need to block access to malicious sites and prevent downloads of malicious content in real time.
Rather than relying solely on signature-based detections that miss zero-day threats, implement SWGs that instead use behaviour-based detection technologies to prevent infected files from making their way onto users’ endpoints.
- How is SWG going to prevent robust data loss?
Users generate more and more data which means the risk of data loss, accidental or otherwise, grows. The web represents a convenient avenue for users to steal or unknowingly expose sensitive data, so SWGs should be able to support advanced data loss prevention (DLP) use cases, including the use of advanced regex or exact data match to prevent unwanted data loss through web uploads. Similarly, when users attempt to upload sensitive files to unmanaged apps such as personal email or social media, SWGs should automatically block the upload in real time.
The aim of the game is to prevent data loss before it happens, rather than responding after with reactive alerts.
- Can this SWG handle unmanaged application control?
Increased application usage combined with the exploding number of locations and devices the workforce is using means that unmanaged application control is a top priority. However, blocking an application should not be the only option.
Selecting an SWG that provides granular and flexible application control will ensure users are able to stay productive while maintaining security and adherence to corporate policies. Ideally, look for dynamic coaching and Machine Learning capabilities that will render shadow IT read only to control unmanaged apps and enable compliance.
- Will I get granular visibility and reporting?
Consistent visibility and control across apps, devices, on-prem resources, infrastructure and the web is important for protecting data and defending against threats. Yet 61% of organisations state they already lack unified visibility across their IT ecosystems, and widespread remote work only exacerbates the problem.
As well as providing detailed logs on who is accessing what across all user devices, regardless of physical location or network used, the SWG’s reporting capabilities should deliver against the dual requirement of being able to validate security policies as well as showing regulatory compliance in audits.
- Is SWG part of a comprehensive SASE offering?
Along with Cloud Access Security Brokers (CASBs) and Zero Trust Network Access (ZTNA), SWGs represent a key pillar of Secure Access Service Edge (SASE) architectures. So ensuring a chosen SWG is part of a comprehensive SASE offering will both ensure total cloud security and future-proof investments.
Securing the enterprise: Modernising the SWG
The recent rapid expansion of the remote workforce means it’s time for a rethink where legacy SWGs are concerned.
First-generation SWG technologies combined inelastic appliances and simple traffic forwarding agents to handle the bulk of cloud data and traffic. Developed for an on-premises world, they can’t scale to meet the dynamic requirements of cloud-first environments where users and data can be anywhere, and workloads are constantly shifting.
By moving traditional security features such as URL filtering, threat protection and SSL decryption and inspection closer to the user, IT can equip endpoints with on-device SWGs that make it easy to enforce security policies on remote worker devices dynamically without unnecessary complexity, latency or cost.
Click below to share this article
