Bitglass ticks six key characteristics of a modern secure web gateway

After a full year of remote work for many organisations, it is clear that the COVID-19 pandemic has accelerated digital transformation globally and changed the future of work — likely permanently.

A recent Harvard Business School Online survey showed that the vast majority (81 percent) of employees want to continue remote work even after the pandemic, with many reporting improved productivity while working from home.

Cloud security company Bitglass has cautioned that in order for organisations to continue to thrive in a distributed work environment, they must ensure that security is also modernised to support new realities appropriately.

“This means making certain that key security solutions like secure web gateways (SWGs) are able to overcome the challenges associated with today’s workforce,” say Jonathan Andresen, Bitglass Senior Director.

“For organisations in the market for a new SWG, we’ve summarised the six key factors to look for in a modern solution.”

  1. Architecture capable of supporting cloud-centric remote work

The most important factor when considering a SWG is architecture. Today’s workforce expects highly available solutions with low latency regardless of location. This is doubly important with global or remote employees who may be using residential internet.

Any solution that adds additional latency through on-premises appliances, traffic backhauling to cloud proxies, or additional network hops is not scalable in modern business environments.

An effective, modern SWG should be installed at the edge, directly on users’ devices, to support user productivity, business continuity, and security.

  1. Real-time threat protection

We’ve discussed the important role SWGs play in stopping advanced threats before, and the stakes are even higher when a considerable part of the workforce is beyond the protection of corporate firewalls and cannot simply walk up to a security help-desk to ask for assistance.

With new cyber attacks reported daily, effective SWGs need to be able to block access to malicious sites and prevent downloads of malicious content in real time. This means they cannot rely solely on signature-based detections that will miss zero-day threats and must use behaviour-based detection technologies, instead.

  1. 3. Robust data loss prevention (DLP) capabilities

As users generate more and more data, there is greater risk for data loss, whether accidental or otherwise. Modern SWGs need to be able to support advanced DLP use cases, such as those that require the use of advanced regex or exact data match, to prevent unwanted data loss through web uploads. Leakage must be prevented before it happens, not responded to after the fact through reactive alerts.

  1. Unmanaged application control

With increased app usage as well as increases in the numbers of locations and devices they are used in, unmanaged application control is critical. However, blocking an app should not be the only option.

Ideal SWGs provide granularity and flexibility in application control, allowing users to be productive while ensuring security and adherence to corporate policies. Look for dynamic coaching and machine learning capabilities which can render shadow IT read only to control unmanaged apps and enable compliance.

  1. Granular visibility and and reporting

With 61 percent of organisations already lacking unified visibility across IT ecosystems, widespread remote work only exacerbates the problem. SWGs need to be able to clearly report who is accessing what across all user devices, regardless of physical location or network used.

The SWG’s reporting capabilities also need to serve the dual purposes of validating security policies as well as showing regulatory compliance in audits.

  1. Part of a comprehensive SASE offering

Along with cloud access security brokers (CASBs) and zero trust network access (ZTNA), SWGs make up a key pillar of secure access service edge (SASE) architectures.

Consequently, as organisations move to adopt SASE, ensuring a chosen SWG is part of a comprehensive SASE offering will simultaneously ensure total cloud security and future-proof investments.

To get the full details on what to look for in modern SWGs, as well as a list of evaluation questions to consider, download the Secure Web Gateway Buyer’s Guide here.