Intelligent CISO Issue 40 - Page 34

Along with Cloud Access Security Brokers ( CASBs ) and Zero Trust Network Access ( ZTNA ), SWGs represent a key pillar of Secure Access Service Edge ( SASE ) architectures .
PREDICTIVE INTELLIGENCE

behaviour-based detection technologies to prevent infected files from making their way onto users ’ endpoints .
3 . How is SWG going to prevent robust data loss ?
Users generate more and more data which means the risk of data loss , accidental or otherwise , grows . The web represents a convenient avenue for users to steal or unknowingly expose sensitive data , so SWGs should be able to support advanced Data Loss Prevention ( DLP ) use cases , including the use of advanced regex or exact data match to prevent unwanted data loss through web uploads . Similarly , when users attempt to upload sensitive files to unmanaged apps such as personal email or social media , SWGs should automatically block the upload in real time .
The aim of the game is to prevent data loss before it happens , rather than responding after with reactive alerts .
4 . Can this SWG handle unmanaged application control ?
Increased application usage combined with the exploding number of locations and devices the workforce is using means that unmanaged application control is a top priority . However , blocking an application should not be the only option .
Selecting an SWG that provides granular and flexible application

Along with Cloud Access Security Brokers ( CASBs ) and Zero Trust Network Access ( ZTNA ), SWGs represent a key pillar of Secure Access Service Edge ( SASE ) architectures .

control will ensure users are able to stay productive while maintaining security and adherence to corporate policies . Ideally , look for dynamic coaching and Machine Learning capabilities that will render shadow IT read only to control unmanaged apps and enable compliance .
5 . Will I get granular visibility and reporting ?
Consistent visibility and control across apps , devices , on-prem resources , infrastructure and the web is important for protecting data and defending against threats . Yet 61 % of organisations state they already lack unified visibility across their IT ecosystems , and widespread remote work only exacerbates the problem .
As well as providing detailed logs on who is accessing what across all user devices , regardless of physical location or network used , the SWG ’ s reporting capabilities should deliver against the dual requirement of being able to validate security policies as well as showing regulatory compliance in audits .
34 www . intelligentciso . com