HIPAA Journal is the leading provider of news, updates, and independent advice for HIPAA compliance

Cisco Launches First Cloud-Based Secure Internet Gateway

The popularity of Software-as-a-Service (SaaS) applications has grown considerably in recent years. Working practices have changed, and SaaS is well suited to an increasingly mobile workforce. SaaS is certainly not a fad. The use of SaaS is likely to grow considerably over the coming years, with Gartner predicting an increase in SaaS use of 70% by 2018.

While branch offices used to connect to the Internet via the corporate network, now many offices are connecting to the Internet directly, which means they bypass many network and Internet security controls. Not only does this increase risk, organizations potentially now lack visibility into threats targeting certain sections of the enterprise.

One way organizations have got around this is with the use of virtual private networks (VPNs), although VPNs are not always used by employees. A recent survey conducted by IDG revealed 82% of mobile workers did not always use VPNs.

An alternative strategy is to use on-premise web gateway solutions; however, multiple secure web gateways add complexity and latency and are therefore far from an ideal solution.

Cisco now has now developed an alternative option – a cloud-based Secure Internet Gateway (SIG) named Cisco Umbrella. The SIG was developed to allow all workers to access the Internet securely, no matter where they are located, and even if they are not using a VPN. While many aspects of this new service were already provided through OpenDNS, the new cloud platform incorporates many additional features to block more threats.

The SIG provides security teams with visibility into what users are trying to connect to and adds an extra layer of security for workers no matter where they are located. The SIG stops both current and emerging threats over all ports and protocols, providing comprehensive coverage even if users are not connected to the corporate network.

Access to malicious domains, URLs, and files is blocked before the connection is established, preventing the downloading of malicious files.  Organizations can decide on the types of traffic inspection and can tweak the settings and enforce their unique security policies.

Since the SIG is 100% cloud-based, there is no need to install any software, no software upgrades are necessary, and no hardware needs to be installed. By switching to the cloud-based system, organizations can greatly reduce operational complexity as well as their management overhead.  All devices can be protected, and all Internet traffic pointed to Umbrella, in a matter of minutes.

Author: Steve Alder is the editor-in-chief of HIPAA Journal. Steve is responsible for editorial policy regarding the topics covered on HIPAA Journal. He is a specialist on healthcare industry legal and regulatory affairs, and has several years of experience writing about HIPAA and other related legal topics. Steve has developed a deep understanding of regulatory issues surrounding the use of information technology in the healthcare industry and has written hundreds of articles on HIPAA-related topics.