From email to collaboration, don’t take suppliers’ claims at face value: Avanan
Cloud-based productivity tools in everyday use are a boon for IT teams. A few years ago, IT Support staff would have to roam the hallways of large institutions, installing monolithic software packages to run basic communications and office applications. Other teams in the background would be taking care of endpoint security, license details, asset lists, and databases correlating staff to endpoints and applications. Those days seem long gone.
In short, the cloud has solved a significant number of the daily details that dogged IT staff in the past — but the story has not entirely ended. Cloud-based services are just as vulnerable to attacks as traditional services. Yet, many companies do not properly secure these services, leaving them vulnerable to widespread phishing, malware, and ransomware campaigns.
All platforms such as DropBox, Office 365, and Slack are protected by the vendors from incursions at the server level. But each can be exploited by bad actors using tactics like phishing emails, man-in-the-middle interceptions of conversations between colleagues, and rogue alerts or messages. And each of these services is not as secure as users may think, leaving some to share more freely or to let unwanted outsiders in without realizing it. For all collaboration and file-sharing apps, additional security is needed.
At Tech HQ, we come across many new and revamped cybersecurity platforms designed to provide specific or, indeed, blanket protection for organizations. However, few go above and beyond the protections that the prominent vendors already implement on their cloud platforms. Work happens on more platforms than just email. A viable cybersecurity solution needs to protect all lines of communication, not just email.
In the case of Office 365, for example, most IT teams and MSPs are happy to “let Microsoft take care of it,” when it comes to security. Similarly, the assumption is that no one will ever hack Google Drive or get around Salesforce’s firewalls to send malicious content to paid-tier users via the company’s (recently-acquired) Slack messaging & collaboration platform.
Unfortunately, the wholesale acceptance of such services’ security policies lets many malicious parties into organizations’ networks every day. In the case of Microsoft Office 365, for example, IT teams are explicitly advised to turn off any cloud-brokering services at source to ensure the “best quality user experiences.” Finding cybersecurity partners who recognize where there are security gaps in even the household names’ platforms is getting more important as these services gain in popularity. A breach in one cloud service could easily spread to the rest of the organization.
From user bases of a few dozen people right up to city governments and Fortune 500 companies, Avanan is an all-encompassing cybersecurity solution that improves common cloud services’ security. Its technology steps in where IT teams may be tempted to stand back, protecting everyday users who share files, communicate and collaborate with colleagues, send and receive email, and rely on cloud services.
The Avanan platform pulls together a range of protection methods such as advanced artificial intelligence and machine learning that create a custom threat profile for an organization. That helps IT teams develop security policy controls grounded in the real-world workings of organizations. AI algorithms work in the background, adding layers of protection over and above secure gateways, cloud-access security brokerage devices, packet filters, and so on. Interestingly, Avanan works by learning and then stopping the attacks that are otherwise missed by default security providers. It also easily extends protection to all the popular collaboration apps like Slack, Microsoft Teams, and Dropbox, ensuring whole-of-business security.
Unlike many providers in the cybersecurity space, the Avanan offering was conceived for and has been developed alongside modern cloud-based services, not a retooling of existing security features for 2021’s now-common working practices.
In a further article on Tech HQ, we will be looking in more detail at the company and its users, highlighting how a false sense of security with well-known cloud services is more common than expected. And, of course, we’ll also look at how the platform works on a daily basis, shoring up the security holes left as organizations move among online applications and services.
Check back here in a few weeks, or we suggest you sign up for the Avanan free trial — in our experience, it catches more malware than “vanilla” Office 365 protections do — and if you are impressed (why wouldn’t you be?) go for a full demo with one of the company’s representatives.
1 February 2023
31 January 2023