Cloud Security Control Takes Secure Interconnection

Larry Hughes


Cyber-security continues to be the top concern for enterprises migrating applications to the cloud, with a recent IDG Cloud Computing study reporting 67% of organizations have concerns about the risk of unauthorized access, data integrity and protection. In an effort to address those gaps in cloud security, a new, high-growth market segment of cloud access security brokers (CASBs) is gaining traction with enterprises. In fact, Gartner predicts that by 2020, “85% of large enterprises will use a CASB product, up from less than 5% today.”

CASBs can manage access to multiple cloud services for enterprises from a single control point, focusing on providing capabilities that add much-needed security controls such as Web and enterprise application firewalls, secure Web gateways, encryption, auditing, data loss prevention, access control and anomaly detection, just to name a few. CASB solutions enable enterprises to track cloud service usage and user access from any location or device, and enforce data security policies and controls that prevent unauthorized users, locations, applications and data from accessing cloud services. These capabilities address a number of today’s enterprise cloud security concerns, including compliance and data residency.

CASBs play a valuable role in the cloud market, but without secure, high-performance and reliable interconnection among CASBs and an organization’s users, locations, applications, data and cloud services, then there could be a crack in a CASB’s fortress.

An Interconnection Oriented Architecture (IOA) enables enterprises to build a high-performance and secure infrastructure that could leverage and optimize CASB offerings and enable private interconnection to multiple cloud services. An IOA is a transformative approach that shifts the fundamental delivery architecture of IT from siloed and centralized to internetworked and colocated. By implementing an IOA within an enterprise inside a global colocation data center and interconnection platform such as Equinix, where there is a high-density of networks, clouds and CASBs, then companies can capitalize on fast, direct and secure interconnection to CASB services and multiple clouds.

Since protecting cloud access from any user, on any device, within any location is critical to the success of CASB services, then secure interconnection also needs to be available anywhere in the world and support any device. Equinix’s Interconnection Platform is available in more than 100 Equinix data centers worldwide and can enable access to 500+ cloud services. It supports interconnection to multiple private, public and hybrid clouds via high-performance, direct and secure connections without increasing the risk factor of going over the public Internet.

An IOA brings interconnectivity to the edge of the corporate network, where the majority of users reside and enables security services, such as those offered by CASBs, to be closer to users, locations, applications, data anclouds for greater protection and compliance.

Proximity among CASBs, their customers and clouds also enables higher-performance interconnection by lowering the latency between the users and cloud services. Direct access among local users, applications, data, and cloud and CASB services optimizes data residency and compliance regulations by keeping everything private and contained within geographic boundaries.

CASB services are typically API-based and can be integrated within the Equinix Cloud Exchange to take full advantage of its flexible, agile and scalable multi-cloud interconnection capabilities. The Cloud Exchange can provide CASBs with direct and secure virtual connections to multiple cloud services via a single port, helping to reduce the complexity and overall cost of multi-cloud interconnection.

CASB services are helping to make the cloud a safer place for the enterprise, and Equinix’s Interconnection Oriented Architecture allows businesses to maximize those benefits with more secure interconnection.

Larry Hughes
Larry Hughes Business Information Security Officer (BISO)