Managed SASE
Managed Infrastructure
Analytics as a Service
Information Security as Service
Security Strategy
Security Architecture
Technology Consulting
GRC
Security Awareness
Cyber Resilience
Network Security
Content Security
Application Security
Cloud Security
Infrastructure Security
OT Security
Endpoint Security
Security Analytics
Team
Working at ensec
Facts and FiguresMicrosoft 365, SAP cloud platforms, Salesforce and so on – cloud applications are here to stay. The consequence for you: conventional IT security components no longer give you the control and transparency you are used to. ensec helps you regain control and insight.
“Yes” to the cloud – but secure
Since the advantages of cloud applications are undeniable, there is no way around them. The question for you is therefore not “if”, but “how”. How do you prevent sensitive data from flowing out via applications not operated by you?
A CASB helps you to get an overview of the many cloud applications that are in use in your company (often without the knowledge of the responsible IT departments). Based on this and a risk assessment or blacklist, you decide which cloud applications users are authorised to access. The CASB favoured by ensec comes with a database of tens of thousands of cloud applications, neatly classified according to various criteria and provided with a risk assessment by the CASB provider. Based on this information, the previously internally defined business risk can be easily transferred to the desired cloud services.
The actual filtering of access is performed by the web gateway in the network, which is fed with additional filter attributes by the CASB solution. Access control is not only based on previously defined applications, but also on keywords or patterns (e.g. credit card data).
What needs to be considered before installation?
To ensure that a CASB project is a success, ensec has specialists with a wealth of experience in designing, preparing and implementing a CASB installation, so that we can also bring the organisational side of the project to a successful conclusion by interlinking all stakeholders.
In a workshop, our experts can help you to set realistic requirements for the project and define which cloud services can ultimately be used and why. This is no longer a pure IT security issue, but is usually dealt with by the department responsible for risk management in the company. ensec ensures that your teams quickly achieve usable results in the discussion rounds.
Who is allowed to do what and what role does DevOps play?
Compared to on-premise infrastructure, it is more difficult to gain transparency and an overview in cloud environments. In addition, in-house software developers usually do not have access to the definition of network zones. This is done by firewall and network experts working together.
In cloud environments, however, DevOps specialists can bridge these zones – unintentionally or intentionally – by configuring their applications accordingly and thus open up security gaps. CASB can use posture management to prevent this without restricting developers’ options. And the desired visibility can also represent such a solution. ensec works with you to create an overview and adapts the permitted access to your risk appetite.
What level of integration is allowed?
Thanks to our detailed knowledge of the various interfaces of the products we use, we can help you integrate the products into automated processes. For example, if you feed a tool for IP address management with information about network zones (servers, clients, development, sensitive data and so on) and then link the tool to the firewall systems, firewall rules can be automatically distributed to any number of appliances in no time at all. In virtualised environments, automated processes ensure that asset management is always up to date.Auch Ihre Anwendungsverantwortlichen profitieren von Automatisierung: Mittels anwenderfreundlicher, von ensec bereitgestellter Tools erfassen die Verantwortlichen die Kommunikationsflüsse ihrer Applikationen und lassen die Software anschliessend die passenden Firewall-Regeln erstellen. Ohne dass die Anwender:innen hierzu wissen müssen, wie viele Firewalls zu konfigurieren sind oder welche Schutzzonen existieren.
Cloud Security in Detail
CASB
A Cloud Access Security Broker provides visibility and control over your cloud services, ensures compliance with your own policies and regulations in the cloud, data protection and protection against threats.
Microsoft 365
The Microsoft 365 cloud service enables a new and simplified way of working together. However, protection must be guaranteed on several perimeters. Outages and attacks must be prevented and compliance guidelines adhered to.
Visibility
Once the migration to the cloud has been completed, companies have to deal with the risks associated with visibility. There are several challenges here: Uneven computing resources, the use of different cloud services and shadow IT, to name a few.
Concentration on day-to-day business = smart investments
The use of CASB significantly reduces your effort for the qualification of cloud applications.
The CASB provider takes over this time-consuming task and you only have to define the standards according to which the solution allows or prevents access. Given the huge number of web applications, there is massive potential for savings here. What’s more, your internal specialists don’t have to manually store the necessary access guidelines on the web gateways so that they filter access according to your specifications.
Apart from the fact that your employees can concentrate on their day-to-day business, the quality of the classification is likely to be higher if the CASB provider takes care of this – after all, it is their core business.
May we personally provide you with arguments in favour of ensec? Please contact us.
