For cybersecurity providers, cloud presence revolves around an architectural approach, a topic I’ve blogged about recently. Lately I noticed some vendors are resurrecting old arguments. And in some cases, they're introducing new ones. One example of an old, narrow argument: comparing number of data centers, assuming more is better. An example of a new one: running services in a public cloud is not effective. I’ll take some time today to address both, and share what I believe really matters.
Having worked for a telco for a large part of my career, it’s clear that networks, and in particular traffic flows, traffic patterns and the use of encryption have changed dramatically in the last decade. Those changes continue to be driven by an increasingly distributed (owing to work-from-home) and mobile user base, the need to secure data end-to-end as well as a concept I Iike to call data gravity.
The center of data gravity has shifted from company-operated centralized datacenters to SaaS applications and cloud workloads and this poses new challenges, especially in terms of connectivity and data protection.
The critical question to ask through all this:
How do you help your customers protect users working from anywhere accessing data that’s located everywhere, all while addressing compliance and regulatory requirements and delivering best-in-class user experience?
For more than a decade, Forcepoint has offered cloud security and data protection services to global customers at scale. We’ve done so by combining the best of both worlds: operating our own infrastructure in physical Tier 4 data centers, and leveraging Cloud Service Providers’ (CSP) services. We also augment this by operating a global service provider backbone with public and private peering that many of our competitors simply don’t have.
In my view, this approach allows us to deliver against the “three L’s”:
- Offering best-in-class Latency
- Ensuring efficient content Localization – We use virtual points of presence (vPoPs) to deliver localized content to our customers’ users, which, combined with the latency, is critical to the overall user experience.
- Complying with Laws – In other words, ensuring we enable you to adhere to global or vertical-specific regulatory and compliance requirements. Forcepoint outpaces our competitors here. Our web security solution is ISO27001 certified (which is foundational) and features GDPR (and related), ISO 27018 (which governs personally identifiable information), SOC 2 as well Cloud Security Alliance’s (CSA) Star Gold certifications.
My recommendation, when evaluating a cloud security vendor, is to make sure these three L’s are part of the equation.
And when it comes to our offering, we want to enable you to enjoy the benefits of the platform:
- Forcepoint does not charge a premium when a customer chooses one region over another.
- All of Forcepoint’s points of presence offer our full range of cloud security services and they’re accessible to all customers; none of our POPs are restricted.
Finally, although the shift to work-from-home has driven traffic increase and pattern changes, Forcepoint’s cloud architecture and technology stack enabled us to grow seamlessly, all while managing our cost base. And as we helped customers stay productive and secure, we continued to add more capabilities to our offering like Data Protection as a Service and in-line CASB to our Cloud Security Gateway offering by combining hosted data center components with SaaS-based microservices and we launched Forcepoint Private Access as well ! That’s how I see a true SASE platform—an approach we remain fully committed to.