From Credit Union Tech Talk: The full article is HERE
Online, Mobile, Network & Physical – Securing the Spectrum
by Thomas Wright www.cunews.com
A layered approach to security is the time-tested best method for protecting the credit union’s critical assets. With breaches, data leakage and
theft an ever-looming threat, organizations must begin to think beyond the traditional stacks of firewalls and e-mail filtering. With compliance and
customer confidence top of mind, credit unions must deploy a variety of security controls such as identity and access management, single signon,
etc. The problem is there are so many of these security blocks to stack and arrange that it can overwhelm credit unions.
With limited budgets, resources, expertise and time bandwidths, internal IT Departments simply can’t keep up. What is needed is a unified
approach anchored by a robust Security Information & Event Management platform. In action, SIEM provides for the continuous, thorough analysis
of an enormous number of ongoing events in real time. A well implemented SIEM system eliminates silos by combining data from a wide
range of sources and correlating this data to provide control and visibility.
In short, SIEM leverages and correlates the capabilities of other security solutions in order to provide the necessary visibility to show, in real
time, who touched what, when, where and the potential security impact. In terms of both security and compliance, this is a valuable advantage.
However, on premise SIEM systems are often difficult to deploy and manage, plus they can be prohibitively expensive. Addressing the issue
from the cloud solves several pressing issues (including significantly reducing capital and operational costs) while providing the necessary heft
to create the visibility to govern credentialing policies, remediate threats and satisfy compliance requirements across any sized enterprise. Yet
the key to a successful security initiative is not that an organization employs one or many solutions, but rather they leverage one another’s capabilities
and provide real time correlation and situational context 24/7/365. Like the old proverb, the whole is stronger than the sum of its parts.
And that’s where CloudAccess’ REACT platform creates unique value. Naturally log management is another pain point for many credit unions. This critical compliance component is also integrated within the holistic approach to forensic analytics and asset protection. The hierarchal architecture is powered by CloudAccess sensors which allow for seamless communications over encrypted connections to address even the largest and most complex networks. IT administrators appreciate our ability to quickly identify noncompliant devices and changes in device configurations, while auditors like the fact that we can readily detect policy violations and unauthorized access to secure data.
The network perimeter is an outdated concept because it is expanding both outward to the cloud and inwards towards employees who want to bring in their own devices. That is why we offer our robust CloudAccess identity and access management solution. Our goal is to eliminate access silos, identity silos and password silos. A centralized console for managing all access rights permits an immediate reaction when a source of operational risk is detected. Credit unions can audit both authorized and illicit accesses, granularly allocate access rights, and even block users that are causing issues from accessing the network.
The successful credit union does not employ a variety of individual solutions, but rather an interpolation process of all the data across the enterprise. The true paradigm shift is managing this from the cloud. It effectively broadens the reach and scope of enterprise monitoring, strengthens access authentication and centralizes control. Essentially, a credit union can apply enterprise-grade capabilities enjoyed by the largest banks without the cost and resource burdens. But most importantly, provides the necessary visibility to best protect and control the IT and IP assets.
Contrary to some people’s opinions, the cloud is not faceless. Behind the scenes at CloudAccess lies a diverse group of professionals with backgrounds in different industries who were inspired by the tremendous potential of cloud computing and understood the vital role that reliable security solutions play in its development. We support some on-premise solutions, but everything is managed from the cloud in a cooperative approach that blends your IT team’s knowledge with our experts’ many
years of experience in IT security and consulting. The end result is the quick implementation of enterprise security in the cloud – that is both affordable and manageable.