SASE: What is it, why now, and is it right for you?

For many organizations, the remote work revolution hastened the need for digital transformation. The rapid migration of applications and operations to the Cloud now means security must follow the user and not be tied to a traditional brick-and-mortar location. Digital transformation is a complex process. Organizations now require expertise in both networking and security, and the move to the Cloud can also be costly.

That is where secure access service edge (SASE, pronounced “sassy”) comes in. In the not-too-distant past, SASE stood for “Self-Addressed Stamped Envelope”, and the acronym’s evolution exemplifies the rapid transformation of our digital world. In cybersecurity, this new concept originated from Gartner in 2019 and refers to a combination of cloud networking and security tools.

With its Network Security as a Service offering, CBTS combines SD-WAN technology and SASE principles to provide efficient, secure, and cost-effective networks for organizations moving toward remote and branch operations. To help you embark on your digital transformation journey, CBTS has prepared the following guide on critical SASE benefits, what challenges you should look out for, and why there is no going back.

What is SASE, and how does it work?

SASE is a network architecture combining software-defined wide area networking (SD-WAN) and security into a single cloud framework. Organizations benefit from improved efficiency, heightened security, and simplified WAN deployment.

The SASE framework and philosophy is a novel approach to a cloud-enabled enterprise network with many operational, business, and security benefits. For example, converging an organization’s networking and security services reduces complexity, boosts network performance, and minimizes the number of vendors and devices IT oversees.

Additionally, there is a considerable reduction in hardware requirements, lessening IT staff’s workload related to deployment and maintenance while expanding actionable security alerting and monitoring.

By implementing SASE, you’ll engage with five core technologies:
  1. Integrated SD-WAN: Optimize network administration and performance by leveraging software and cloud-based technology for enterprise network connectivity.
  2. Cloud access security: Ensure safe use of cloud technology for your enterprise. Improving cloud security prevents malware infections, data leaks, and regulatory noncompliance.
  3. Firewall as a service: Deploy cloud-based firewalls to take advantage of advanced threat protection, URL filtering, DNS security, and intrusion prevention systems.
  4. Secure web gateway: Protect your internal network and users from potentially malicious unsecured Internet traffic.
  5. Zero trust network access: Reduce the risk of attacks and data leaks by verifying the identity of users or devices attempting to access your network.

Learn more about how SASE and zero trust network access work together to deliver safe, secure, and reliable remote access to your network by downloading our e-book SASE and ZTNA for Dummies.

Complete your SD-WAN migration with improved security

Migrating to SD-WAN has become a critical endeavor for enterprises across the globe, and SASE provides the ideal path to a successful implementation.

Due to the swift spread of the COVID-19 crisis, many enterprises quickly shifted to a distributed workforce. They soon realized that their existing VPN-based solutions were often unreliable, with limited performance and security measures. CBTS previously wrote about how SD-WAN security enhances critical business applications, but in short, enterprises benefit from a networking solution offering more affordable, reliable, and faster connectivity.

In the secure access service edge framework, realizing these benefits and improved security for a remote workforce is much easier. With remote work here to stay, organizations must be able to support increasingly dispersed teams safely, and security is paramount to doing so. 

SASE employs a flexible, cloud-based firewall that protects users and computing resources at the network’s edge. It offers secure web gateways to protect companies from the threat of harmful outside resources. It also implements zero-trust network access, which bases security on identity rather than aspects like an IP address.

Altogether, by leveraging SASE, organizations ensure branch offices can take advantage of ongoing digital innovation efforts and improved security features as they scale.

Also read: Beyond the hype: Discovering the real benefits of SASE

Keep pace in a shifting digital landscape

Our increasing dependence on the Internet of Things (IoT) and edge computing necessitates a trustworthy, homogenized approach to cloud-based services and security. In this environment, secure access service edge is often already an essential aspect of a company’s digital makeup.

Remote workforces must rely on sophisticated, tailored cloud services that let them confidently perform their duties. IT staff cannot be hampered by legacy hardware or by features that are merely stitched together rather than well integrated.

The digital landscape is constantly evolving, and so are its threats. Ransomware attacks continuously increase in volume and complexity, with threat actors assisted by generative AI and automation tools. Additionally, nation-state attacks will see an uptick, while the number of states starting to give privacy rights to consumers (especially pertaining to biometrics) is on the rise.

Enterprises can best address these concerns by deploying an integrated, complete response to the cloud-based security needs of modern organizations.

Reduce the burden of network and security maintenance

Beyond increased efficiency and reduced complexity, taking the plunge with a combined networking and security offering simplifies operations for an enterprise’s IT staff.

Regardless of where users are located, SASE ensures security policies are standardized. It also simplifies the authentication process by applying the right policies based on what the user requests at sign-in. IT executives can set these policies centrally using cloud-based management platforms. These procedures massively reduce risk, as the system is less complex and offers a universal approach.

An enterprise’s IT staff often gets overloaded with menial, time-consuming tasks, and a combined SD-WAN and security offering frees it to improve business efficiency, address IT concerns affecting the bottom line, and support the organization.

Why CBTS for SASE?

If legacy infrastructure, increasing complexity, and skyrocketing costs are standing in the way of your team completing your digital transformation journey, CBTS is the right partner for you.

The partner you select must have experience in both network and security solutions. Compared to other managed service providers, CBTS provides a range of expertise, with a long track record of delivering extensive networking and security overhauls.

In 2020, CBTS was named a Gartner Magic Quadrant leader for its VMware VeloCloud SD-WAN™ edge expertise. By combining VMware VeloCloud SD-WAN with SASE network security principles, CBTS delivers comprehensive cloud-native network security. 

Our experts work alongside you from the assessment phase to the implementation of your SD-WAN and security capabilities to provide ongoing, full-spectrum support for your organization.

Contact the experts at CBTS to enhance and simplify security for your modernized networking environment.

A CISO’s journey: empowering women in tech and securing the skies

A discussion about attack surface management, risk and compliance, and developing female leadership in tech

Summary:

In this episode of CBTS Tech Talk, Inside the CISO’s Office host John Bruggeman engages with Deneen DeFiore, the VP and CISO of United Airlines. DeFiore discusses advancements in technology and how they have helped in cybersecurity and also highlights the challenges cybersecurity professionals face due to the large attack surface and the creativity of threat actors. The conversation also touches on the challenges faced by women in cybersecurity and the need for representation and sponsorship to promote diversity.

Who is winning the “technology war”?

As cybersecurity technology advances, the attack surface continues to expand, sometimes exponentially. Managing the entire threat landscape is challenging for even the most seasoned security teams. Deneen related that despite advances in security technology, “it’s still an asymmetric advantage for the threat actor,” due to the sheer volume and scope of the environments, devices, and third-party connections that security teams must manage.

“…[The] attack surface is very large,” she said, “and it continues to extend outside of a company’s perimeters to third parties or nth parties to trusted partners to consumers or whatever. Trying to get your arms around that is not an easy thing to do. And a threat actor only has to find one little loophole in the whole entire ecosystem, and they’re in.”

“I think technology has given us a good advantage to get visibility into what normal should look like,” she added, “and now attackers have to work a little bit harder, but they are. They’re getting more creative and taking advantage of things we wouldn’t traditionally think of as cyberattacks. Basic features in systems [are being turned into attacks].”

John noted that these attacks are more than simply a denial of service and added that threat actors utilize increasingly complex social engineering schemes, malware campaigns, and ransomware attacks, powered up with automation and AI tools.

Tools for attack surface management

A primary challenge for cybersecurity professionals is gaining visibility into complex heterogeneous environments, particularly with mergers and acquisitions. Companies may not have complete visibility into merged environments. Deneen recommends inventorying digital assets regularly. As John put it, “If you don’t know where the data’s stored, it’s going to be hard to protect it and really hard to preserve the privacy of your customers.”

Our experts also talked through micro-segmentation, the zero trust security practice of segregating networks to minimize the damage of a successful data breach. Deneen said, “I think we probably, as cybersecurity professionals, need to change our thinking about [micro-segmentation]. We’ve done a lot of zoning in on test versus prod environments or types of data, and that’s good. We have to do that, but that’s not the end-all-be-all. Because data protection is one thing, resiliency is another. So, micro-segmentation in a resilient lens, and looking at how the operations use the systems and segmenting that way is something I think organizations need to consider.”

Deneen also emphasized that each business is different, and every security fabric will look significantly different based on a company’s goals and acceptable network downtimes. “It’s also a point to make sure that you understand, again, what outcomes and how you’re trying to achieve as an organization and how your business operates. Because data protection could be number one for somebody, and resiliency could be number one for somebody else. Those strategies and tools and how you approach things need to be thought of in the context of what you are trying to achieve as a business.”

Deneen outlined three critical areas of risk to appreciate in cybersecurity:

  • Understanding threat intelligence – Comprehending the threat landscape from the POV of a bad actor—who they are, their techniques and tools, and their procedures—to better prepare for data incursions.
  • Understanding your environment – An organization must fully understand what data it protects and where its data “lives” to prepare a robust defense.
  • Understanding the regulatory landscape – Changing laws govern what data can be stored about customers, passengers, and employees, with or without consent.

Deneen talked about compliance management at United in the context of the Ukraine-Russia conflict. “When things like that happen, there’s always a regulatory response around [them]. We need to make sure cybersecurity is really, really strong in aviation. So, we like to make sure that we are plugged into the industry groups, the policymaking, and rulemaking, providing our comments and also educating the regulators on what we do and how we run the airline; how we manage technology risk, not only from my team’s perspective as a cybersecurity organization, but how that’s delegated; responsibility and awareness as well into the operation, so as people are doing their jobs, they can identify the information around a threat or around a risk, and then raise their hand and say, ‘Hey, we need to think about this,’ or, ‘I want you to consider this.’ It’s an interesting journey, but it’s something that we have to do to make sure that everybody is aware that cybersecurity is a team sport.”

Cybersecurity awareness and training

United Airlines must securely manage hundreds of thousands of employee devices, including the electronic flight bags (EFB) that help pilots manage navigation and flight plans. Deneen emphasized the importance of annual cybersecurity compliance training, regular newsletters, and phishing exercises—the “basic table stakes” of managing the attack surface.

However, she added that it is important to move beyond the basics. “But what we also do is look for ways to integrate into the operations, how people do work,” she said. “So, for instance, flight attendants have to train for several months before they actually get to fly, so as they’re doing their training—learning to use their what we call link device, their in-flight mobile device—what are the tips that they need to do to make sure that they are handling that device securely, using the application securely? And we do that in five-minute blurbs, so it’s not like they’re sitting down for cybersecurity training. It’s, ‘Oh, by the way, you need to use this app to [check who’s on the plane].’ Or do passenger reconciliation or whatever it is.”

Also read: How integrated cloud security affects your bottom line

The value and threats of ChatGPT

John and Deneen then addressed artificial intelligence, with their takes on ChatGPT. John volunteered that he is “not a huge fan of calling it artificial ‘intelligence’ because I don’t really feel that it’s intelligence. I actually started to use the term ‘an expert system’ because they’ve taken just a large language model, and you can ask it a question, and then it will read its index of words that it’s put together and their order.”

“I think it is a gamechanger for a lot of different use cases,” Deneen noted and continued with the example of a customer service contact center. “There is a lot of efficiency and productivity that an organization can gain as well as enhancing the customer experience to make it a lot more delightful than having to wait on a phone for four hours when you can get an answer very quickly based on an approach that an organization wants to take.”  

She noted that all the possible use cases and questions around using AI come down to being responsible, adding, “You can do it, but should you do it? Privacy, transparency, equity, fairness…it’s a lot bigger than people realize, and we have to think about how we want to use this responsibly.”

Advice for women getting into the technology industry

After Deneen described challenges she has encountered advancing in the mostly male-dominated field of cybersecurity, Lance asked her to share advice for girls and young women who are thinking about a career in technology.

“If you’re passionate, you’re smart, you will succeed,” said Deneen. “Don’t let anybody tell you you won’t. I mean, absolutely not. Make sure that you have that belief in yourself and really, really stick to your guns. It’s hard to do, but [you have to have somebody who’s backing you up]. If it’s your parents or a friend or a sponsor or whatever, you have to make sure that it comes from in here (touches heart). That’s the biggest thing. Nobody else is going to do it for you except for you.”

Managing attack surface risk with CBTS

In addition to keeping our followers and clients up-to-date on the latest industry information and thought leadership through conversations with experts like Deneen DeFiore, CBTS provides the up-to-the-minute threat intelligence that your organization needs to stay ahead of threat actors, the insight and experience to help you understand your environment, and the expertise to help you manage the compliance landscape.

CBTS firmly upholds the idea that connectivity has the potential to transform lives, and we believe that our connections become stronger when we embrace the diversity present in our employees, customers, and shareholders. We pledge to implement diversity and inclusion initiatives that align with our organizational values, such as forward-thinking recruitment policies and fostering talent development.

Get in touch to learn more.

Vulnerability assessment vs. penetration test: Understanding the differences

When we talk with clients about our services and we review our services catalog, we often hear these questions:

  • “What’s a vulnerability assessment?”
  • “What do you do during a penetration test?”
  • “Do you perform a vulnerability assessment during a penetration test?”
  • “Why do you have two service offerings for these things? Aren’t they the same?”

I understand that these two offerings can seem, on the surface, to be very similar services. Those of us who spend all our time in the security space at least understand the significant differences between these two activities, but even for some security professionals, the nuance involved in each can be confusing. The good news is that, with either of these offerings, the overall goal is to help enhance an organization’s security. Hopefully, by the end of this post, I will have helped “demystify” some of that nuance.

Read More: Cybersecurity highlights of 2023: New SEC cybersecurity rules and the major breaches driving them

What is a vulnerability assessment?

On the surface, a vulnerability assessment is exactly what you might think it is, depending on your experiences. A good analogy of the general purpose of a vulnerability assessment is to think of it as a “health check” of an organization’s security posture. It is very much like having a checkup performed by a medical professional. We will take our time, check all the systems on the network with the full collaboration of the organization, and identify potential “health” issues.

Using broad strokes, these are the key steps for a vulnerability assessment:

  1. Define the scope of the assessment. Ideally, this is 100% of the organization’s environment, including externally and internally facing assets.
  2. Coordinate credentials for the assessment team to leverage during the engagement for authenticated scanning.
  3. Configure the software and execute the scanning process.
  4. Review the results of the scanning process, then analyze and aggregate them to draft a report.
  5. Deliver the report.

As noted in the list above, vulnerability assessments rely on using vulnerability scanning software to perform the data collection portion of the assessment. An essential step in configuring this software is providing credentials for the software to log in to the target hosts. Performing a “credentialed” scan provides a deeper insight into the security posture of each device, as the authenticated software can then dig into the operating system and discover missing patches, configurations, and other potentially vulnerable items in a more “true positive” way.

When a scan is unauthenticated, the software has to make some assumptions based on what it can learn about the system and its open ports from the outside. This can provide a view into what may or may not be vulnerable on each system in the scope, but it is not as accurate a picture as a deeper, credentialed scan provides.

The most nuanced step in this assessment process is the fourth step above, reviewing the results. While it is true that most penetration tests will include a vulnerability scan of some type (more on that later), a vulnerability assessment dives deeper into the results. It provides additional validation of the complete data set. A talented vulnerability assessor takes time to slice through the often mountainous volume of data collected, combines findings into categories—aggregating like groups of findings into more meaningful and actionable findings—and determines the most “true positive” and accurate result set to provide to our customers. This set of actionable, accurate, and aggregated findings gives our customers a roadmap to follow that helps them move into a more secure posture as efficiently as possible.
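The aggregation described in step four can be sketched in a few lines. This is an added example, not CBTS tooling or any scanner's real export format: the row layout, the names, and the ranking policy (findings backed by a credentialed check first, unauthenticated-only findings flagged for validation) are assumptions, and the sample rows are constructed.

```python
from dataclasses import dataclass, field

# Constructed sample rows (hypothetical layout): host, port, finding title,
# category, severity 0-10, and whether the check ran with credentials.
RAW_FINDINGS = [
    ("10.0.0.5", 443,  "Outdated web server version (banner)", "Unsupported software", 7.5, False),
    ("10.0.0.5", 8443, "Outdated web server version (banner)", "Unsupported software", 7.5, False),
    ("10.0.0.6", 443,  "Outdated web server version (banner)", "Unsupported software", 7.5, False),
    ("10.0.0.5", 0,    "OS security update missing", "Missing patches", 8.8, True),
    ("10.0.0.6", 0,    "OS security update missing", "Missing patches", 8.8, True),
    ("10.0.0.7", 445,  "OS security update missing", "Missing patches", 8.8, False),
    ("10.0.0.5", 445,  "OS security update missing", "Missing patches", 8.8, False),
    ("10.0.0.7", 22,   "SSH weak MAC algorithms", "Weak encryption", 3.7, False),
    ("10.0.0.5", 0,    "Password never expires", "Account policy", 4.0, True),
]


@dataclass
class Group:
    """One aggregated finding: every raw row sharing a category and title."""
    category: str
    title: str
    max_severity: float = 0.0
    credentialed_hosts: set = field(default_factory=set)
    unauthenticated_hosts: set = field(default_factory=set)
    raw_rows: int = 0


def aggregate(rows):
    """Collapse per-port, per-host rows into ranked, de-duplicated groups."""
    groups = {}
    for host, _port, title, category, severity, credentialed in rows:
        g = groups.setdefault((category, title), Group(category, title))
        g.raw_rows += 1
        g.max_severity = max(g.max_severity, severity)
        target = g.credentialed_hosts if credentialed else g.unauthenticated_hosts
        target.add(host)
    for g in groups.values():
        # A host already covered by a credentialed check does not also need
        # to sit in the "validate this" bucket.
        g.unauthenticated_hosts -= g.credentialed_hosts
    # Assumed policy: credentialed evidence first, then severity, then spread.
    return sorted(
        groups.values(),
        key=lambda g: (
            not g.credentialed_hosts,
            -g.max_severity,
            -len(g.credentialed_hosts | g.unauthenticated_hosts),
            g.title,
        ),
    )


def render(groups):
    """Return one report line per aggregated finding."""
    lines = []
    for g in groups:
        tier = "confirmed" if g.credentialed_hosts else "needs validation"
        lines.append(
            f"{tier} | {g.category}: {g.title} | max severity {g.max_severity}"
            f" | credentialed: {sorted(g.credentialed_hosts)}"
            f" | unauthenticated only: {sorted(g.unauthenticated_hosts)}"
            f" | {g.raw_rows} raw rows"
        )
    return lines


if __name__ == "__main__":
    for line in render(aggregate(RAW_FINDINGS)):
        print(line)
```

Nine raw rows collapse to four findings, and the banner-based result stays flagged until someone validates it.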

Read More: Why network security assessments are necessary during M&A

How is that different from a penetration test?

Well, the easy answer is just one word – exploitation.

I mentioned earlier that a penetration test would include a vulnerability scan. Still, in the process of a penetration test, there are two significant differences between what is done here and what is done during a vulnerability assessment:

  1. The scan results come from software that does not use any provided credentials.
  2. To maximize the time used in a penetration test, the operator will focus on the systems and vulnerabilities identified that appear to be the most exploitable.

I know what you’re saying: “You said earlier that credentials are important. We get it; move on from that and tell us what that second point means!” That second point follows the goals of a penetration test over and above that of a vulnerability assessment. We take the results of a scan, which can be performed at the onset or in the middle of the test, and leverage information found there to exploit the target systems actively. We leverage additional tools, tactics, or procedures to use that vulnerability and gain a foothold on a system, escalate our current user privileges, or pivot onto another system within the scoped environment. We often string together several exploits that leverage vulnerabilities to those same ends.

We highlight in our reports the technical storyline of what exploit paths we chose, why we chose them, and how we were able to leverage those exploits into further system or network access. We then provide a detailed list of “true positive” findings and remediation recommendations tailored to the organization. This includes a high-level overview of the vulnerability scan results performed during the penetration test. We also provide each client with the results and our final report.

Overall, while the goals of a vulnerability assessment focus on finding weaknesses within an organization’s environment, a penetration test takes it one step further and exploits those weaknesses. This helps an organization measure the effectiveness of its security controls and determine how well it can withstand the conditions of an attack.

Read More: Pentesting, Chicken Guns, and Mike Tyson

Both methods are critical components of a robust cybersecurity strategy and provide valuable insights to help organizations better protect their digital assets from evolving threats. Contact us today to learn how to incorporate these into a better defensive posture.

Beyond the hype: Discovering the real benefits of SASE

In this CBTS Tech Talk episode, hosts Lance Hart, Justin Rice, and Jon Lloyd discuss the real benefits of secure access service edge (SASE) as well as the hype surrounding it and its integration with zero trust.

What is SASE, and why all the hype?

Secure access service edge (SASE) merges cloud networking and security. It includes various components such as SD-WAN, secure web gateway (SWG), and cloud access security brokerage (CASB), among other technologies. The goal is to unify networking and security through a single platform, which does not necessarily have to be provided by a single vendor. The benefits of SASE include faster networks, next-gen security features, and streamlined IT environments.

Justin weighed in: “It almost feels that SASE—the convergence of network and security—was almost inevitable, especially as SD-WAN continued to mature… [SASE development] accelerated through the pandemic, where security was no longer governed by just the place you went to work; it was where you existed everywhere. And it forced organizations to rethink how they secure all their users’ endpoints regardless of where they are.”

Jon explained where the hype surrounding SASE originates. “All OEMs started to say, ‘Well, let me define SASE. It’s whatever else I do also. I bought this company, and now I do EDR. Isn’t that part of your SASE?’… And so that’s where we talk about some of the hype—SASE doesn’t mean it’s one size fits all. You don’t have to buy every SKU from the same OEM, but that’s what’s created this paralysis coming back out [of the pandemic].”

Jon pointed out that enterprises did not have a choice in 2020. They needed a VPN solution to accommodate a remote workforce as fast as possible. However, now and moving into 2024, organizations can create an accurate roadmap for integrated security that works for their specific environment.

Learn more: SASE: What is it, why now, and is it right for you?

Single vendor vs. best-of-breed SASE

A recent study from Gartner predicts that by 2025, as many as 50% of organizations will adopt SASE, up from just 5% several years ago. Many of these organizations will choose a single-vendor approach. “While that sounds well and good… I’ve seen single vendor SASE just now starting to be a talking point,” Justin said. CBTS maintains that there is currently no single-vendor SASE solution that will completely meet all the needs of an organization’s integrated networking and security. CBTS still recommends best-of-breed, customized SASE environments, especially for large enterprises. However, it seems clear that market forces will continue to drive SASE solutions into consolidation.

As CIOs plan SASE adoption over the next three- to five-year cycle, should they consider single-vendor or best-of-breed for their organization? Do the streamlining benefits of single-vendor SASE outweigh the customization of best-of-breed solutions?

Jon said, “How are you doing it [SASE implementation]? Are you doing it yourself or working with a managed service partner? … One of the things we try to do with our customers at any stage (whether that’s mid-market, enterprise, it doesn’t matter) is to bring best-of-breed solutions and put a simplified wrapper around them. CBTS is managing it. You shouldn’t care what the logo is.”

The challenges of SASE

Jon and Justin identify several critical challenges to enterprises seeking to implement SASE:

  • Understanding your current environment – Organizations need to assess what is in place, what still has value, and what has depreciated in their environment.
  • Vendor selection and price models – Researching, budgeting, and negotiating are primary obstacles to getting the most value out of a SASE solution.
  • Quality of experience – OEMs focus more on getting 100% wallet share than on executing as well as possible. Operational excellence in deploying SASE solutions is not yet present in the single-vendor market.
  • Security threats – There is still an attack surface at the branch, and the physical world still exists, even with virtualized infrastructure like SD-WAN and SASE.

Critical considerations for integrating SASE with an existing infrastructure

Most experts recommend phasing out legacy VPNs in favor of zero trust network access (ZTNA) within the next six months. So, IT leadership might be anxious to implement SASE as quickly as possible.

Jon and Justin urge caution and recommend that your organization think through several core points:

  • Assess your current environment before implementing new technology.
  • Migrating to new technology requires upfront legwork and planning. Is your organization prepared financially and operationally to take on the task?
  • A three- to five-year roadmap implementation requires a dedicated project team and manager.
  • Starting with small wins is better than trying to do everything at once.

How does the concept of zero trust fit in with SASE?

Jon and Justin discussed the benefits of zero trust network access and the role of SASE within the larger framework of zero trust. They highlighted the importance of securing end-users and improving the employee experience, particularly when accessing applications from multiple devices and locations.

Jon said, “When we look at ZTNA, it’s the first tool that allows us to deliver a great employee experience from wherever they are. We’re distributing that architecture globally. So rather than having to come back to a data center or a server running an application, we can go to the closest geo-cloud to authenticate.”

They noted that ZTNA provides a more secure and reliable alternative to VPNs, which can be vulnerable to attacks and can negatively impact performance. Additionally, they emphasize the need for identity access management and governance in conjunction with ZTNA. Overall, both experts believe that ZTNA is critical to building a more robust and secure architecture and should be adopted as part of any organization’s cybersecurity strategy.

Learn more: How to secure your data by implementing a zero trust architecture

What does the future hold for SASE?

The short answer? It depends. Jon explained, “It depends on the organization and what you’re hiring SASE to do. I think there will absolutely be organizations where ZTNA is the network. You have an Internet pipe, and you have a laptop running ZTNA client. Do I need a firewall if every laptop is a firewall? And so maybe I will just protect the data center.”

As SASE vendors continue consolidating and streamlining their offerings, choosing an MSP that genuinely understands the technology and works as an advocate on your behalf is increasingly important. CBTS is your ideal choice as a technology partner because of our vendor-agnostic approach. Our team can create the best-of-breed solutions that best suit your enterprise. With CBTS managed services, you retain a single point of contact, no matter how many OEMs are deployed, to keep your network fast and secure.

Get in touch to learn more.

How integrated cloud security affects your bottom line

What is cloud security?

A recent study found that the global cloud services market is valued at $454 billion and is expected to surpass $2 trillion by 2032. As businesses continue to shift toward cloud integration, security becomes more and more urgent. Even though the Cloud is much more secure than traditional on-premises data centers, vulnerabilities still exist. These vulnerabilities make investing in cloud security services vital.

What exactly is cloud security? Cloud security is a set of tools, frameworks, and protocols to protect data (in motion and at rest) from unauthorized access, theft, or malware threats. Cloud security spans assorted technologies to defend public, private, and multi-cloud environments, whether Infrastructure as a Service (IaaS), Software as a Service (SaaS), or Platform as a Service (PaaS).

When configured correctly, cloud-integrated security keeps organizations profitable by defending against the negative ramifications of a data breach, such as losses in paid ransom, reputational damage, regulatory action such as fines or license suspension, as well as guarding end-user data. Like other elements of cloud computing, your security team becomes cost-efficient by switching from the capital expense model to operating expenses. Bills come from small, monthly subscriptions and service fees instead of costly, upfront investments.

Why integrated cloud security is vital

If cloud computing is more secure than on-prem, why worry about it? Gartner calculated that organizations lose an average of $5,600 per minute of downtime experienced from a malware attack. Besides shrinking your attack surface and lowering the likelihood of a breach, cloud security can help maintain business continuity in the event of a successful breach or natural disaster. Data protection services such as managed backup and Disaster Recovery as a Service (DRaaS) ensure minimal downtime and maintain data compliance.

The shared responsibility model

Cloud security utilizes the shared responsibility model, in which a cloud service provider (CSP) and the customer share the burden of defending cloud systems. Confusion sometimes arises about who exactly is responsible for what.

There are minor differences between each CSP and which model of cloud you choose: IaaS, PaaS, SaaS, or some combination of all three.

Generally, the cloud service provider is responsible for the security of:

  • Data.
  • User identities.
  • Identity.
  • Physical networks.
  • Servers and storage.
  • Hypervisors.

The customer is responsible for securing the following:

  • Operating systems.
  • Virtual networks.
  • Applications.
  • User data.
  • Operations.
  • People and employees.

Note that network security is the customer’s responsibility in IaaS.

[Figure: Customer vs. Google’s responsibility for IaaS, PaaS, and SaaS]

Benefits of cloud security

  • Lower costs – Cloud data security can lower costs and reduce administrative burden.
  • Cost-efficiency – Cloud-integrated security helps to shift spending models from CapEx to OpEx, resulting in cost savings.
  • Greater visibility – Robust security measures for cloud data offer insights into the internal operations of your cloud environment, such as identifying data assets and their location, monitoring user activity, and tracking the type of data being accessed.
  • Backups and recovery – Cloud data security offers automated and standardized backup solutions, freeing your teams from monitoring manual backups and troubleshooting problems.
  • Cloud data compliance – Effective cloud data security programs ensure conformity with data compliance laws and regulations by monitoring data storage, access, processing, and protection.
  • Data encryption – Cloud service providers implement advanced encryption for securing sensitive data in transit and at rest.
  • Advanced incident detection and response – Cloud providers invest in cutting-edge AI technologies and security analytics to quickly identify and respond to security incidents.

Challenges of implementing cloud security

Unlike the digital security models of the past, the Cloud does not have a defined perimeter. The castle-and-moat model, in which a firewall is established around a data center, is ineffective for the Cloud because each point of presence (PoP), application, and network represents potential weak points.

Other challenges to cloud security include:

  • Lack of visibility – Without proper implementation, some companies struggle to locate all their data and applications and identify their assets.
  • Less control – As data and applications are hosted on third-party infrastructure, companies have less control over how data is accessed and shared.
  • Confusion over shared responsibility – Organizations and CSPs share security responsibilities, which can lead to vulnerabilities if the roles are unclear.
  • Malware and ransomware – Sensitive data stored in the Cloud is a tempting target for cybercriminals, especially companies with extended supply chain connections.
  • Compliance regulations – Increasingly, regulators like HIPAA, the FTC, and the SEC are cracking down on data compliance rules, including how soon an organization must report a data breach.
  • Misconfigurations – Misconfigurations and human error continue to be a leading cause of catastrophic data breaches.

Guiding frameworks and pillars of cloud security

Known as the CIA triad, cloud data security follows the same guidelines as information security:

  • Data confidentiality – Sensitive data should only be accessed by authorized users.
  • Data integrity – Data is accurate and free from tampering or sabotage.
  • Data availability – Data is continuously available to verified users.

A data breach violates one or more of these tenets. The CIA triad is a valuable tool security professionals utilize in organizational risk assessment. Additionally, the NIST has created another assessment tool, the Five Pillars of Cybersecurity. They include:

  • Identify.
  • Protect.
  • Detect.
  • Respond.
  • Recover.

At CBTS, we build on this assessment tool and define our own six pillars of cloud security:

  1. Security assessments.
  2. Cloud monitoring and management.
  3. Managed backup.
  4. Disaster recovery.
  5. Patch management.
  6. Cloud security posture management.

Learn more: The six pillars of cloud security

Yet another framework that guides cloud security is zero trust. The concept of zero trust in cloud security was introduced in 2010 by Forrester. It emphasizes not trusting anyone or anything within or outside the network. Instead, everything needs to be authorized, inspected, and secured. Zero trust promotes a least-privilege governance strategy and requires developers to fortify web-facing applications properly. Micro-segmentation is also used to create secure zones and to secure the traffic between them.

Key cloud-integrated security technologies

  • Disaster recovery and backup – Properly configured and tested disaster recovery minimizes downtime in case of a breach or disruption from a natural disaster or other causes.
  • Threat detection – AI-powered XDR and SIEM seek out and destroy threats before they have a chance to create a breach.
  • Data loss prevention (DLP) – DLP solutions help organizations classify and protect sensitive data by identifying policy violations and enforcing remediation through alerts, encryption, and other protective actions.
  • Cloud security posture management (CSPM) – Addresses misconfigurations and limited visibility by deploying automation for continuous monitoring and increased visibility.
  • Cloud access security broker (CASB) – A tool that bridges the gap between cloud service consumers and providers. It extends security controls from on-premises infrastructure to the Cloud, enforcing security, compliance, and governance policies for cloud applications. CASB can be hosted either on-prem or in the Cloud.
  • Identity and access management (IAM) – This feature merges multi-factor authentication (MFA) and user access policies, restricting data access to verified users.
  • Vulnerability and penetration testing – Identifies potential weaknesses or exploits to improve security postures.
  • Micro-segmentation – This feature divides cloud deployments into distinct security segments—from the network level down to the individual workload level—mitigating damage in the event of a successful attack.
  • Next-generation firewalls – Secure workloads by deploying advanced firewall capabilities at the network edge, such as intrusion prevention, deep packet inspection, application control, and encrypted traffic analysis, for comprehensive threat detection and prevention.

Seeking out a security partner

No single technology or solution fully encompasses integrated cloud security. The key is appropriately implementing and integrating cloud security tools and creating greater efficiencies between them for the most robust security posture possible. Even with the enhanced security offered by CSPs, your organization needs to fully understand where it’s protected in service-level agreements (SLAs) and where potential vulnerabilities lie. The best way to do so is to partner with an experienced cloud security vendor.

With years of experience managing enterprise data centers on-prem and in the Cloud, CBTS delivers the latest technologies in managed cloud security services and backup solutions. Our team maintains relationships with top CSPs and security providers to offer comprehensive protection against cyberattacks and downtime. At CBTS, we strive to understand your unique business challenges and provide the necessary expertise, training, and certifications to protect your business from data breaches, theft, and other common causes of system outages.

SASE vs. zero trust: The basics

What are zero trust and SASE?

As users increasingly adopt hybrid or fully remote work models and IT environments become more distributed, securing data only becomes more complicated. The traditional data-centric security approach falls short in distributed environments, with each user, mobile device, and network request representing a potential breach.

These challenges require nimble, evolving ways to address network and data security. Two of the most prominent methods are adopting a secure access service edge (SASE) solution or zero trust framework. SASE is a solution comprised of multiple components but packaged as a singular product. There may be some flexibility, but typical SASE solutions will include SD-WAN, SSE, secure VPN, and CASB. By contrast, CBTS defines the zero trust framework as an aspirational, comprehensive security journey rather than a specific product or group of products. It involves many steps to an end goal that an organization may never fully reach because of the rapidly evolving security landscape. No individual point solution or OEM can fully encompass zero trust, but SASE is a current component of a successful zero trust framework.

In this post, we will compare and contrast SASE and zero trust, exploring how these approaches support the security of your organization both individually and in combination.

Key terminology:

  • Zero trust: CBTS defines zero trust as an aspirational strategy to ensure the most secure network possible. Under this ideology, there is “zero trust” given to people, places, and data across the network regardless of status, requiring layers of secure connectivity methods to protect the network. New components are continually adopted to meet evolving security standards.
  • Secure access service edge (SASE): SASE (pronounced “sassy”) is a suite of networking and security tools that includes four key technologies: SD-WAN, SSE, secure VPN, and CASB. Within the SASE framework, these technologies are combined and enhanced to provide a secure solution.
    • Software-defined wide area network (SD-WAN): A virtualized network alternative to traditional hard-lined networks, SD-WAN speeds network traffic and boosts reliability through intelligent routing through multiple network transports (DIA, broadband, LTE, etc.).
    • Secure service edge (SSE): A solution that dynamically secures access to applications, data, and networks through cloud-hosted security tools, such as secure web gateway (SWG) and Firewall-as-a-Service (FWaaS) technologies.
    • Secure virtual private network (VPN): An encrypted connection between a device and an organization’s network.
    • Cloud access security broker (CASB): Security enforcement points for cloud-hosted resources. CASB tools provide visibility, access control, threat protection, and data loss prevention (DLP) services to ensure the security of an organization’s Software-as-a-Service (SaaS) and Infrastructure-as-a-Service (IaaS) platforms.

Learn more: The six pillars of cloud security strategy

The technologies driving zero trust and SASE

Let’s start with the absolute basics. The momentum in security over the past few years has been consolidating and simplifying security platforms, leading organizations to seek comprehensive security options that address their networking needs. Zero trust and SASE evolved from this movement as options to help prevent network managers from adopting multiple different security measures that all address different goals. By adopting a zero-trust framework or SASE solution, managers can streamline their security efforts while still protecting all aspects of their organization.

However, zero trust is not a technology solution for consolidating existing technologies, but a set of guiding principles. As outlined by NIST and CISA, these principles combine to create a zero-trust strategy that simplifies various aspects of security into a singular framework for creating a comprehensive strategy to secure an organization’s digital landscape. CISA defines six pillars that include securing:

  1. Identity.
  2. Devices.
  3. Networks.
  4. Applications.
  5. Workloads.
  6. Data.

As organizations embark on the zero-trust journey, they may draw on multifactor authentication (MFA), next-gen extended detection and response (XDR), data encryption, and best practices such as e-mail security and password hygiene, to protect each pillar. “May” is the key word here, as zero trust neither requires nor is limited to those solutions as a framework. The components used to build a zero trust framework will continue to evolve according to best practices, security developments, and business needs.

SASE is a technology solution that many businesses view as a core component when designing a zero-trust strategy, and it encompasses technologies such as SD-WAN, SSE, VPN, and CASB to provide a combined secure networking product. In doing so, the SASE product seeks to address several key security needs. According to Microsoft, those pillars of SASE include:

  • Identity: Ensures access is limited to verified identities of devices and users.
  • Cloud-native delivery: Improves overall security and infrastructure.
  • Complete edge support: Supports all digital, physical, and logical network edges.
  • Global distribution: Supports all users worldwide, regardless of location.

Read more: Ten essential benefits of a managed SASE solution

Even though there is a lot of overlap in the focus and security coverage of SASE vs. zero trust, and both options are rooted in an effort to consolidate security platforms, the two are not interchangeable.

Similarities

  • Identity: Identity is a key element in both zero trust architectures and SASE, with organizations needing well-defined business policies and rulesets to ensure appropriate access to resources.
  • Consolidation: SASE consolidates several network security products into a single solution. Zero trust consolidates several security pillars into a framework with which to address your changing security needs.
  • Constant authentication: SASE and zero trust both require users to be verified to perform specific functions or access different data sets. Unlike a traditional VPN, the user does not have total access to any operation once they are in your system.
  • Contextual access: Both frameworks utilize contextual risk assessments and access.

Differences

  • Identity: In a zero-trust approach, a user’s access is continuously verified to ensure they are who they claim to be. Beyond the technology itself, a zero trust framework defines which identities and users within an organization should have access to which resources. On the other hand, SASE is the technology tool that actually integrates with identity sources and monitors connections between users and data to ensure that real-world access matches an organization’s zero trust security policies.
  • Scope: Zero trust is a framework to address organizational security broadly. SASE focuses on network security.
  • Solution type: SASE is a technology product that combines several products into a unified solution. Zero trust is an aspirational method of securing your business to the best possible standard and adapting to evolving security needs and trends.

The advantages of merging zero trust and SASE

The trend in security is to integrate, centralize, and streamline operations. With that in mind, we recommend the adoption of not just zero trust or SASE, but a zero trust framework that involves the right SASE solution for your business. This approach provides many compelling benefits.

  • Comprehensive security: SASE and zero trust provide enhanced visibility into the IT environment and eliminate gaps and silos within security architecture.
  • Reduced complexity: Reduce network complexity by centralizing the security toolset and streamlining some aspects of the IT environment.
  • Improved scalability: Easily scale up or down depending on the organization’s needs, which helps improve business performance and agility, as well as reduce costs.
  • Resource optimization: Automate some routine and recurring aspects of the security agenda, which frees staff to focus on higher-value tasks.

The integration of SASE and zero trust principles enables organizations to move toward zero trust through a unified solution that can uniformly uphold security protocols through the digital estate and beyond.

Which is right for my business?

Ultimately, the situation is not SASE vs. zero trust. SASE is not the next level of zero trust or vice versa. Zero trust is an overall approach to enterprise IT security, with SASE being a crucial security and networking tool.

SASE provides crucial secure networking protections for your organization. But as a product, its implementation can be a heavy lift for some organizations. Implementation can be time consuming and complex, especially for smaller IT teams.

Zero trust is more straightforward because it begins wherever you are on the road to an aspirational goal of perfect security. Most organizations can take immediate steps to increase security, resulting in swift ROI. However, it can be challenging for some organizations to step back from the day-to-day focus on IT operations and spend the time to develop a comprehensive zero trust roadmap.

We recommend consulting with our team to identify your specific needs and develop a customized security strategy involving zero trust and SASE.

Building out a zero-trust approach to your network security is crucial for any business, especially retailers that maintain large customer databases of personal information. As a common cybercrime target, retailers can especially benefit from the enhanced security provided by a merged SASE and zero trust security fabric.

The six pillars of cloud security strategy

Aiming for zero trust

A key driver of cloud security strategy is the move toward zero trust. Zero trust is a framework that guides how networks handle user traffic, devices, and requests by assuming all network operations are malicious until proven benevolent with proper authentication and verification.

The goalposts and strategies behind cloud security are constantly changing and responding to emerging threats. However, zero trust principles are still driving the steps organizations take in security operations. If zero trust is a roof, then it is supported by six pillars: security assessments and testing, cloud monitoring and management, managed backup (BaaS), disaster recovery (DRaaS), patch management, and cloud security posture management (CSPM).

Each pillar supports the ultimate goal of zero trust. Every individual pillar can be approached as a step in the process or pursued simultaneously. This post outlines the strategies and tools behind each pillar.

The pillars of cloud security strategy

1. Security assessments

Moving operations, applications, and systems to the Cloud grants many benefits to your organization: higher scalability, organizational agility, and improved customer service, among others. However, with benefits also come security risks due to the expanded attack surface. Every user identification, application, and device endangers the health and safety of your network by providing a potential entry point for cybercriminals. IT teams often need help knowing where to start.

Fortunately, security assessments from CBTS provide a valuable tool in prioritizing security efforts. CBTS evaluates any “as a Service” product (IaaS, SaaS, PaaS, etc.) with a cloud security assessment that leads customers through sixteen categories, including:

  • Identity access management (IAM).
  • Data center security.
  • Change control procedures and configuration monitoring.
  • Data security.
  • Infrastructure management.
  • Vulnerability management.
  • Supply chain security.
  • Interoperability.
  • Governance and compliance.
  • Business continuity.
  • Key management and encryption.

Additionally, CBTS offers cloud-specific penetration testing that simulates a malicious attack. Unlike regular penetration testing, cloud penetration testing requires expertise. Penetration tests identify weak points in a public cloud, private cloud, or hybrid cloud environment and provide feedback for hardening the defense posture and budget justifications for increasing security spending. Testing can be scheduled as a one-time event or regularly recurring.

2. Cloud monitoring and management

CBTS Managed Cloud services monitor, fix, and optimize any aspect of your cloud operations, including:

  • Compute.
  • Voice.
  • Security.
  • Networking.
  • Backup (see next section).

Get help with one area of your operations, or completely outsource cloud management. Either way, CBTS has the expertise to guide, monitor, and protect your IT infrastructure.

Read more: Nine compelling benefits of a CBTS managed cloud environment

3. Managed backup

With the increased speed and access that the Cloud provides also comes an increase in customer demand. Organizations cannot afford to lose sensitive data or have extended service outages. Managed backup provides secondary storage in an offsite IT environment. Meticulously monitored and tested, managed backup helps your organization maintain customer service standards and business continuity.

Learn more: Why your backup solution is crucial to defending your organization from ransomware

4. Disaster recovery

Traditional data recovery has several disadvantages—potential duplicate costs, physical storage and space concerns, and slow deployment speeds. In contrast, DRaaS is a flexible, quickly deployed service that allows your organization to recover as soon as possible in the case of a malware attack, data leak, natural disaster, or other service interruptions.

Learn more: Best practices for disaster recovery success

5. Patch management

It’s easy to see why patching sometimes falls by the wayside: it’s a time suck for small IT teams and causes fear of system downtime. Additionally, the sheer number of patches to be applied monthly is overwhelming. According to a Ponemon Institute report, “40% of IT security respondents say a remote workforce has made it difficult to deliver necessary security updates and patches”.

CBTS offers patch management for both cloud and on-premises IT environments. Beyond applications, our security teams install updates for databases, containers, virtual machines, microservices, and other cloud systems. Our team also provides patch testing in a duplicate environment and phased patch installation to minimize the risk of system downtime. Our security experts offer up-to-date advice on governance and compliance issues, helping you to patch smarter, not harder.

6. Cloud security posture management (CSPM)

Misconfigurations and limited visibility are two of the most significant obstacles to a hardened security posture. Cloud security posture management from CBTS addresses both issues by utilizing best-in-class solutions tailored to your organization’s unique security needs. Additionally, CSPM deploys automation for continuous monitoring and increased visibility.

Other benefits of posture management include:

  • Unified dashboard into multi-cloud environments.
  • Automated remediation.
  • Pre-built compliance packs for leading governance frameworks.
  • Weekly reports and comparisons to industry benchmarks.

Putting together the pieces of cloud security

CBTS employs some of the best security professionals in the industry. Expertly designed cloud security strategy—paired with deep partnerships with leading vendors—uniquely positions CBTS to help your organization on the road to zero trust. Rather than promoting any one vendor or solution, CBTS follows a vendor-agnostic, best-of-breed approach that matches the right tool with the right situation.

Our team can guide you no matter what stage of the security journey to zero trust your organization is at. Contact one of our experts to learn more about integrating the pillars of cloud security strategy into a robust defensive posture.

Nine powerful security benefits of the Cloud

What is cloud security?

“Cloud security” is a blanket term for the protocols, frameworks, and tools that protect cloud resources. This protection covers data, infrastructure, networks, applications, and end-user credentials. The need for properly implemented cloud security is greater than ever. Gartner predicts 70% of all digital workloads will be in a public cloud by 2025. However, the Cloud is not without risk. Sensitive data storage and interconnected systems make clouds an attractive target for bad actors.

In the age of rapid IT evolution and steep pressure to keep up, the benefits of cloud security outweigh the risks as long as security tools are correctly configured, monitored, and controlled.

Types of cloud environments

There are four categories of cloud environments, each with its advantages and drawbacks.

Public

Companies that use a public cloud utilize global third-party vendors that offer storage, networking, and other cloud services to the public. Public clouds, such as Azure, AWS, and so on, are often shared among millions of users.

Private

Alternately, private clouds are owned and managed by a single organization. In this instance, the organization is entirely responsible for the defense of the private cloud (unlike public clouds, which use a shared responsibility model in which the vendor takes on much of the security responsibilities). Private clouds are more secure than public clouds but can be cost-prohibitive and resource-heavy to set up and maintain. Average users of private clouds include government agencies, financial services firms, and any organization with particular data sensitivity concerns.

Hybrid

An organization may combine public and private clouds to get the best-of-breed services for individual departments while keeping data transferable between the multiple clouds. This arrangement allows sophisticated users such as a DevOps team to maintain strict security without sacrificing scalability.

Multi-cloud

Some companies choose to use multiple public clouds. This solution is valuable for optimizing costs, maximizing availability, and managing compliance.

The four primary cloud service models include:

  • Software as a Service (SaaS) – Applications accessed via the Internet or cloud.
  • Infrastructure as a Service (IaaS) – Virtualized infrastructure such as a server or other traditional physical infrastructure.
  • Platform as a Service (PaaS) – Developer tools for creating, testing, and deploying cloud-native applications.
  • Function as a Service (FaaS) – Individual functions such as microservices that organizations can quickly activate on an as-needed basis.

Challenges to cloud security

Cloud environments benefit from greater security than on-premises data centers. Gartner predicts that by 2025, user error will cause 99% of security breaches—rather than cloud vendor failure. However, that doesn’t mean that cloud security is risk-free. Organizations migrating to the cloud may face one or all of the following challenges:

  • Compliance: Governments and regulators across the globe are increasingly demanding more robust data protection controls, such as authentication and encryption. Maintaining the latest compliance rules requires extensive knowledge, resources, and upkeep.
  • A complex threat landscape: Bad actors continue attacking organizations of all sizes with increasingly elaborate schemes and automated toolsets such as Malware as a Service. Although safer than traditional security, cloud security is not immune to data breaches.
  • Misconfigured systems: Organizations must properly implement cloud security at multiple levels—application, platform, server, database, framework, and code. Because of this complexity, it’s understandable why misconfigurations are so common. The Open Web Application Security Project (OWASP) reports that 90% of apps they inspected had some form of misconfiguration. Along with user error, misconfigurations are one of the primary causes of data breaches.

Benefits of cloud security

Organizations can overcome these challenges by enlisting a cloud security provider such as CBTS. The benefits of working with a cloud security partner include:

1. Cost efficiency

One of the core shifts that cloud computing brings is a movement away from CapEx to OpEx. No longer will your organization need to invest in dedicated hardware for an on-prem data center; that expense is now owned by the cloud service provider. A cloud security partner benefits your organization by saving you time and resources—correctly implementing security tools, eliminating unnecessary redundancies, and providing security experts.

2. Scalability

Cloud security scales with demand. Companies can quickly add and deploy additional security services as needed, especially with the guidance of a security partner. Additionally, automation enables real-time scaling to ramp up or down during high-traffic periods.

3. Agility in distributed environments

Network edge security solutions such as SD-WAN, SSE, and SASE are critical when deploying hybrid work models. Choosing a suitable cloud security model for your organization can significantly increase adaptability and reduce the time it takes to bring new branches online while securing user identifications, access, and device traffic.

4. Improved customer service through continuous availability

Customers demand access to services 24/7, whether online or via mobile apps. Cloud security provides the visibility necessary to monitor the threat landscape at all layers (app, platform, network, etc.) around the clock and prevent downtime.

5. Streamlined security

By consolidating enterprise security into a centralized location, your team and security partner can easily monitor data, applications, user endpoints, and devices from a single-pane-of-glass perspective. These concentrated controls also simplify company-wide deployments of patches and the implementation of disaster recovery protocols.

Learn more: Build a successful patch management program with these best practices

6. Advanced threat detection

Ransomware, distributed denial of service (DDoS), and social engineering attacks routinely target organizations in every sector. Your organization can stay ahead of the threat landscape by deploying automated extended threat detection (XDR) and other cloud-based antivirus tools.

7. Easier compliance management

While compliance is a routine concern in highly regulated industries such as healthcare or finance, data compliance rules from the GDPR (and other regulators) are expanding into other sectors, such as retail, to better protect consumer data. The CBTS security team stays on top of the latest compliance regulations. Our experts can help you adopt compliant governance frameworks such as zero trust.

8. Secure backups and disaster recovery

Cloud systems make creating redundancies and backups faster and much more affordable. In the event of a service outage caused by a data breach or natural disaster, disaster recovery as a service allows organizations to get back up and running in a fraction of the time compared to traditional tape-based recovery systems.

Learn more: Data protection and managed backup for secure cloud organizations

9. Segmentation

By limiting user and device permissions, a segmented network prevents hackers from gaining unauthorized access, even if they manage a successful breach.

How does cloud security work?

To maximize the benefits of cloud security, responsibility for securing the Cloud is split between the user and the vendor. The cloud vendor secures their infrastructure, networks, and servers, and the customer is responsible for securing their apps, data, and access.

One of the main goals of cloud security is achieving zero trust—every request, user ID, and access request must be verified and authenticated. To move toward this goal, CBTS guides our customers through the process of adopting the six pillars of cloud security:

  1. Security assessments and testing.
  2. Cloud monitoring and management.
  3. Managed backup (BaaS).
  4. Disaster recovery (DRaaS).
  5. Patch management.
  6. Cloud security posture management (CSPM).

Choosing a cloud security partner

The increasingly complex threat landscape drives home the need for robust cloud security. A single data breach could cost an organization millions of dollars in legal fees, ransoms, and lost customer loyalty. All it takes is for one or more misconfigurations to slip by an overworked IT security manager to expose the sensitive data of thousands, perhaps millions, of end users.

Your organization needs a security partner that is engaged and monitoring the current threat landscape. CBTS’ services stand apart from the competition.

  • We are vendor agnostic. By remaining agnostic, CBTS guides our clients to the best solutions for their unique environments and helps prevent vendor lock-in.
  • We provide expert guidance at every step. Our security experts guide your team through industry best practices and frameworks such as zero trust, strong password creation, MFA, compliance requirements, and security awareness training.

Get in touch to enjoy the benefits of correctly configured cloud security.

Three pillars of contact center security

Ensure the safety of your organization’s customers with enhanced cybersecurity solutions and built-in contact center security tools from a security partner like CBTS.

The transition to a hybrid work model has led to a revolution in the contact center world. Administrators now oversee agents worldwide, responding to customer communications across various channels, including voice, chat, instant messaging, video, and SMS messaging. While this revolution offers new methods of reaching customers and greater efficiencies, it also increases security risks. CBTS offers a variety of solutions that integrate seamlessly to provide the best security for your Contact Center as a Service (CCaaS) solution.

Each CCaaS vendor provides built-in security features for every product. However, those features only protect the platform itself. Built-in security does not address many other threats, especially those that target contact center employees. To ensure the total safety of the contact center, your organization must combine built-in security with expertly implemented add-on tools to provide a complete defense.

This post will review the threats not covered by built-in security, as well as the three pillars that defend against cyberattacks.

Read more: How CXsync is transforming small and midsize businesses through cloud-based contact centers

Threats to contact center security

There are several categories of threats to contact center security. The three most common include:

  • Hardware failure – When storage devices fail, whether from a natural disaster or data corruption, it is vital to have backup systems in place to maintain business continuity.
  • Data leaks – A leak of sensitive data may be accidental or come from a malicious attack. Hackers have developed sophisticated ransomware, phishing, and other social engineering schemes that target the weak points of security systems.
  • Weak network security – Segmenting a contact center network from the rest of the organization is critical. In an unsegmented network scenario, a data breach in one area of the company could affect the contact center (and vice versa).

This post focuses on the latter two threats: data leaks and unsecured infrastructure. For more on creating secure cloud backups to protect against physical media failure, read Seven tips and tricks to manage disaster recovery solutions for the Cloud.

Built-in protections vs. add-on security

CCaaS vendors must provide secure platforms, not just from a compliance point of view but also to maintain their reputations. Vendors have a substantial investment in maintaining backend security to keep their customers safe and their brand image intact.

But those protections often end at the front end. Unfortunately, threat actors target weaknesses outside built-in security—such as employees, poorly written software, and unsecured infrastructure. The good news is that with a few simple steps and the guidance of security experts, your organization can significantly reduce the risk of data breaches. Additionally, your team will have a response plan to mitigate damage in the event of a successful attack.

Pillars of contact center security

The first pillar is focused on securing infrastructure, while the other two focus on securing the human elements of your organization—employees and customers. Each pillar will help your organization stay compliant with pertinent security regulations.

Pillar 1: Secure technology

Apply zero trust principles when building your contact center architecture, including performing a threat modeling exercise against the target architecture to identify, remediate, and mitigate vulnerabilities prior to implementation.

  • Secure all identities: Require MFA for contact center employees and implement continuous
  • Secure all interfaces: Require a web application firewall (WAF) to protect your exposed web applications, VPN access, and voice traffic.
  • Data encryption: Sensitive data such as personally identifiable information (PII)—social security numbers, credit card numbers, and driver’s license numbers—must be encrypted in transit and at rest (backups) to prevent unauthorized access or disclosure.
  • Keep technology stack current: Attackers probe systems continuously for vulnerabilities and weaknesses, like default usernames and passwords. A contact center must keep its technology stack updated with regular patching and vulnerability scans to block the attackers.
  • Restrict access to sensitive data: Sensitive data must be secured to mitigate risk.
    These efforts include:
    • Closely managing employee permissions by implementing the principle of least privilege and granting only the required access needed to do the job. Remove employee access and permissions as soon as they leave the organization.
    • Implement a data classification program and mask sensitive information from employees. Only display the last four digits of a PII number, such as a social security number or credit card.
    • Delete credit card information once a transaction is complete. While inconvenient for the customer, this is a more secure practice.
  • Logging, monitoring, and alerting: Last but not least, ensure you are logging all auditable events and have a monitoring and alerting capability to notify you of anomalous activity. This can be with a SIEM tool or similar log aggregation solution.
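
An added example, not from the original post or from CBTS: one way to apply the "last four digits only" masking rule above to text shown to agents or written to logs. The function names, regular expressions, and sample transcript are assumptions made for illustration; card-shaped numbers are masked only when they pass the Luhn checksum.

```python
import re

# 13-19 digits, optionally separated by single spaces or hyphens (card-number shaped).
CARD_RE = re.compile(r"(?<![\d-])\d(?:[ -]?\d){12,18}(?![\d-])")
# US social security number in its usual written form, AAA-GG-SSSS.
SSN_RE = re.compile(r"(?<![\d-])\d{3}-\d{2}-\d{4}(?![\d-])")

# Constructed sample transcript; the card is a well-known test number, not a real account.
SAMPLE = ("Caller gave SSN 123-45-6789 and card 4111-1111-1111-1111, "
          "order 1234567890123456, callback 513-555-0100.")


def luhn_valid(digits: str) -> bool:
    """Luhn checksum used by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def keep_last4(value: str) -> str:
    """Replace all but the last four digits with '*', keeping separators."""
    remaining = sum(c.isdigit() for c in value)
    out = []
    for c in value:
        if c.isdigit():
            out.append(c if remaining <= 4 else "*")
            remaining -= 1
        else:
            out.append(c)
    return "".join(out)


def _mask_card(match: re.Match) -> str:
    raw = match.group(0)
    digits = re.sub(r"\D", "", raw)
    # Mask only Luhn-valid runs so order or ticket numbers stay readable.
    return keep_last4(raw) if luhn_valid(digits) else raw


def mask_pii(text: str) -> str:
    """Mask SSNs and card numbers in agent-facing text or log lines."""
    text = SSN_RE.sub(lambda m: keep_last4(m.group(0)), text)
    return CARD_RE.sub(_mask_card, text)


if __name__ == "__main__":
    print(mask_pii(SAMPLE))
```

Pattern-based masking is a display and logging safeguard; it does not replace encrypting or deleting the stored values.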

Pillar 2: Secure operations

  • Build a culture of security: It’s essential that leadership endorse and support a continuous security improvement program for contact center employees, as well as employees at all levels. To establish a culture of security for your team, provide quarterly training on how to spot malware, phishing, and social engineering schemes. Additionally, implement strong password best practices and shred (or digitally shred) sensitive data.
  • Test security: Routinely perform security audits and penetration tests with the help of your security partner. Schedule regular antivirus and malware scans. Provide secure devices for at-home agents and monitor usage, blocking untrustworthy websites and applications.
  • Prepare for a data breach: Create an Incident Response Plan that covers data breach incidents. This plan should cover how to notify customers and employees, as well as include instructions on how to maintain business continuity.
  • Bots and AI: Implement a WAF that blocks bot attacks and distributed denial of service (DDoS) attacks. Make sure your users are trained on the latest AI-generated phishing e-mails and voice (vishing) attacks.

Pillar 3: Secure customers/users

  • User authentication: Implement phishing-resistant MFA for your customer portal. Requiring secure authentication for your customer login portal will significantly reduce the risk of a breach. Microsoft estimates that 99.9% of account compromise attacks can be prevented by implementing MFA.
  • Data privacy policy: With new state privacy laws in California, Colorado, and other states, it is essential to clearly communicate to your customers how your contact center uses a customer’s data. Offering them insight into how their data is used and protected builds trust and brand loyalty. You will also have to provide a process for your customers to delete their data. This is known as the “Right to be Forgotten.”

Building your pillars

Hybrid work models create greater efficiencies for contact centers but also produce new security challenges. Even a single data breach could expose your organization to significant risk, both legally and in terms of financial loss. Many companies face steep fines, ransoms, and reputational damage. Some organizations never recover.

Choosing the right partner to help you build the pillars of contact center security is crucial. CBTS has decades of experience in telecommunications. Our team has overseen hundreds of contact centers transitioning from legacy systems to cloud-based communications. CBTS security experts speak to the security challenges unique to your contact center.

From security assessments to choosing the right CCaaS platform, our team has the depth of knowledge to help your contact center make informed decisions. Additionally, we can advise your company on merging CCaaS with Unified Communications as a Service (UCaaS) systems to create a more cost-efficient, streamlined system that boosts productivity and collaboration across the enterprise.

Get in touch today to learn more.

You vibe with SASE now—but are you ready for a long-term relationship?

The modern digital landscape is ever evolving. This means that you don’t only need a robust approach to your security, but you must also be able to adapt it to dynamic networking environments. This is where SASE (secure access service edge) comes into play, offering a unified approach to networking and security.

In this blog post, we will shed light on the reasons to embrace SASE and how it can safeguard your business now and in the longer term.

The appeal of SASE

There’s no doubt that SASE is becoming the go-to solution for future-proofing business networks by converging networking and security services into a unified, cloud-based architecture. SASE effectively mitigates many of the more pressing challenges your business needs to address, such as secure access to applications and resources regardless of their location, consistent security policies, and simplified network management.

However, you also need a solution to adapt and scale over time to support the needs of your business as they evolve. With SASE, you also acquire much-needed scalability and flexibility and stand to enhance your security posture—while enabling ongoing digital transformation. So yes. Vibing now. And building a relationship to last.

With that said, SASE is not a one-size-fits-all solution. Getting the most from it takes the right input and communication. Creating a solution that is future-proof means establishing some shared goals and desired outcomes upfront.

Achieve your SASE relationship goals with managed services

Implementing SASE can be complex: it requires careful planning, coordination, and implementation across various components, such as cloud-based security, software-defined networking, zero trust architecture, and identity management. There are also many questions to be addressed: how will the existing infrastructure be appropriately assessed? Are the right security policies already in place? How will compatibility with different platforms and applications be assured? Are network scalability and performance fully considered in the deployment?

When leveraging the expertise of managed service providers—which is where a partnership between CBTS and Palo Alto Networks® can add value—you alleviate all sorts of challenges. You bridge critical skills gaps and gain access to the ongoing support and guidance you need to ensure not just the ideal implementation but the continued success of your SASE investment over time. By choosing CBTS and Palo Alto Networks, you get a comprehensive and secure SASE solution without burdening internal resources—enabling you to focus on your core objectives while leaving the complexities of network security to trusted professionals.

Balance simplicity with resilience

Finding that sweet spot that balances strong security measures with streamlined operations means an enhanced security posture that doesn’t impact operational effectiveness or drain strategic resources. CBTS and Palo Alto Networks address this challenge through our combined expertise. Palo Alto Networks Prisma® SASE combines cloud-delivered security and next-gen SD-WAN into a unified solution to secure all apps and users irrespective of their location. Prisma SASE consolidates multiple point products, including ZTNA, cloud SWG, CASB, Firewall as a Service (FWaaS), and SD-WAN, making it easy for organizations to reduce the fragmentation of security and networking tools. This future-proof solution allows for integrating new technologies and provides scalable deployments. It provides a secure and flexible network environment and ensures you don’t have to choose between delivering optimal security or an ideal user experience.

Mitigating risk and helping ensure compliance

Cybersecurity is a continuous process requiring constant vigilance, awareness, and a proactive approach. Part of the attraction of SASE is that it deploys new configurations all the time, which empowers you to stay compliant with your security policies and resilient.

With Prisma SASE, you get protection. In addition to the obvious benefit of simplified management, one additional attribute is the ability to leverage artificial intelligence (AI) and machine learning (ML) across your security, networking, and user experience management, all unified from the same data lake. Only then can you benefit from a deeper level of defense and the rapid response to emerging threats for true protection. The round-the-clock support provided by CBTS and Palo Alto Networks drives more proactive risk mitigation and ensures a secure environment you can trust.

Future-proof the security of your business with managed SASE

SASE represents the future of network security, offering you a comprehensive and future-proof solution that shouldn’t lose its appeal in a hurry. But you might need a helping hand along the way. By choosing CBTS and Palo Alto Networks, you can gain a comprehensive suite of products and industry-leading support. You’ll get a SASE solution tailored to your needs, offering network management transformation, strengthened security posture, and reduced costs and complexity. And with the flexibility to integrate new solutions and scale effortlessly, you can smoothly adapt to evolving conditions, protecting your business in the long term while allowing you to focus on key outcomes, reduce risk, and ensure availability.

To find out how to ensure the best possible position to navigate the complexities of SASE adoption and make sure you can unlock its transformative benefits, contact CBTS.