How today’s secure web gateways enable essential work
- By Mark Guntrip
- Aug 09, 2021
As internet services began empowering digital government, threat actors delivering malware and other malicious content also moved to target agency systems and data. Enter: the now-familiar face of the secure web gateway.
SWGs started as a straightforward way for security teams and government agencies to block “bad” websites and malicious content based on policies set by the cybersecurity team. In response, threat actors found a way to insert malware into the “good” websites, presenting a problem for agency users who needed to access legitimate websites that now housed malicious content. The threat landscape had shifted, and SWGs needed to evolve to remain effective in securing users.
Some SWGs continue to rely on a “detect-and-remediate” approach that requires a steady stream of new information and threat data. This approach is not only time-consuming and resource-dependent, but it also doesn’t address today’s dynamic threats fast enough. For agencies with highly sensitive data or teams conducting mission-critical work, SWGs must provide assurance that users are both productive and protected.
As agencies grapple with remote work and hybrid environments, zero-trust capabilities are more critical than ever before. A SWG built on a true zero-trust approach goes both ways: It protects applications and data from the user as well as the user from the application and data. These types of SWGs have isolation in their DNA -- a deliberate response to the need to keep predators completely out of the environment.
What started as hardware-based proxies is now delivered via a cloud-native, cloud-delivered platform, providing centralized management and consistent enforcement and ensuring users and devices are protected regardless of where they are located. Traditional SWG solutions aren’t agile enough for modern agencies because they create barriers to getting work done and put security at risk. Cloud-based solutions built on a zero-trust framework take an evolved approach that empowers distributed teams. Better yet, they don’t require massive deployment to launch.
Through the cloud, SWGs employing zero-trust capabilities can be applied to an agency’s existing security stack, acting as a ubiquitous proxy that separates the network from threats and delivers complete secure access service edge (SASE) services, such as data loss prevention, a cloud access security broker, acceptable use policies and cloud firewalls, even to hybrid or distributed teams.
Many claim the security industry is stuck in a reactive mindset. Attackers find vulnerabilities, and then security experts release patches. While security vendors might laud the number of updates as a sign that their solutions are effective, in reality it shows the failings of this approach, which puts organizations at risk and threat actors in a position of power.
An approach that ensures full confidence in the entire chain, from top to bottom, will allow security to get ahead of modern threats by eliminating them.
Enabling essential work means securing it. A modern, cloud-based SWG can be a vital element in a proactive security strategy -- provided the SWG has evolved to deliver the necessary agility and protection. Through a true zero-trust approach that leaves nothing to chance, prevents breaches and isolates threats from the online world, agencies can position themselves to deliver for all stakeholders.
Mark Guntrip is senior cybersecurity director at Menlo Security.