Finance: A Cloud Security Investigation (CSI)


In a recent Bitglass Security Spotlight, we enumerated the risks associated with failing to implement proper data and threat protection in financial services. Financial organizations are often targeted by hackers who are looking to seize personally identifiable information (PII) and nonpublic personal information (NPI) – this information is useful for identity theft and lucrative to sell on the dark web. Data loss prevention (DLP) and access controls are obvious priorities, and while employees generally use managed devices in the financial industry, data leakage is still a common occurrence.

In addition to merely protecting their data, financial institutions are looking for a solution that can help them do so in a way that enables compliance with the Payment Card Industry Data Security Standard (PCI DSS), the Gramm-Leach-Bliley Act (GLBA), and other relevant regulations. As employees are using more cloud applications to store, process, and share corporate data than ever before, finding an appropriate cloud security solution is imperative for financial services organizations that want to secure their sensitive, regulated information. Fortunately, the rise of cloud access security brokers (CASBs) has made this endeavor far simpler.

CASBs give comprehensive visibility over all user and file activity wherever data goes, enabling audit and assisting with the demonstration of regulatory compliance. With leading CASBs like Bitglass, automated policies can be enforced in real time, protecting data and preventing unauthorized access according to the rules that you define.

Encryption of data at rest can obfuscate sensitive financial details, hiding them from the cloud vendors with whom they are stored as well as employees who are not permitted to view them. Uniquely, Bitglass can provide this encryption for files and field-level data without breaking key functionality like search and sort.

Unmanaged App Security can turn any application read only. This prevents the exfiltration of data to unmanaged cloud applications while still allowing employees to access and download information from apps in use by partners, suppliers, vendors, and other parties.

Finally, CASBs like Bitglass can also provide advanced threat protection (ATP) and defend against zero-day malware as it is uploaded to apps, downloaded to devices, or at rest within the cloud. This is critical because a recent Bitglass study found that malware caused most of the financial breaches in 2018.

In the era of the cloud, security and visibility are vital for financial services. Want to learn more about what CASBs can do to help? Download the Definitive Guide below.

Download the Definitive Guide to CASBs 

*** This is a Security Bloggers Network syndicated blog from Bitglass Blog authored by Will Houcheime. Read the original post at: