Cloud security startup FireLayers has launched a new solution designed to enable enterprises to securely use cloud-based applications.
FireLayers Cloud Application Security Gateway is the flagship solution, but the company, which came out of stealth mode in February 2014 after receiving undisclosed funding from the venture capital firm YL Ventures, plans on releasing other security, compliance and IT governance products that can aid organizations with their efforts to securely adopt cloud applications.
Available immediately, the cloud application security gateway is ideal for apps like Yammer, Box, Google Apps, NetSuite, ADP, Salesforce, Workday, TribeHR, but also for homegrown and customized software, FireLayers said.
By sitting between the user and the cloud applications, FireLayers Cloud Application Security Gateway provides visibility into app usage, while providing protection against a wide range of cyber threats, including malicious insiders, account hijacking, and unauthorized access originating from personal devices used for work purposes (BYOD). Furthermore, the solution has a near-zero impact on performance, the company noted.
The product provides IT teams with the granular policy-based rule enforcement and auditing capabilities they need to secure cloud applications. For popular applications, the company provides pre-defined security, compliance and governance policies. FireLayers says its security gateway is the first to use the eXtensible Access Control Markup Language (XACML) to create and enforce policies, enabling the identification of user interactions in real time.
“Until now, CIOs and CISOs were forced into making the inadequate choice between blocking or allowing cloud apps,” commented Yair Grindlinger, FireLayers co-founder and CEO. “IT teams and business leaders are becoming increasingly aware that cloud app security is a corporate problem, and that they need to be responsible for the security of how the application is used, the data and the users themselves. With FireLayers, they have the tools they need to enforce corporate policies that support their risk tolerance and compliance needs.”
The FireLayers security gateway is based on an open architecture, which makes it easy to integrate with various other security and monitoring solutions.
According to Grindlinger, FireLayers Cloud Application Security Gateway is easy to implement and doesn’t require the installation of any new hardware.
“[For] most popular applications there is no deployment as the solution is based on a reverse proxy technology. In some cases a local proxy settings configuration is required from the IT team (for instance for Google Drive that is locally deployed on the device),” Grindlinger told SecurityWeek. “What all this means is because of the way reverse proxy is implemented, basically you don’t need to do anything. When someone logs in, the application automatically redirects the user to the FireLayers gateway. The user experience is completely transparent. No software installation or configuration is needed. There is no footprint on the user’s device. The user doesn’t need to do anything – the FireLayers gateway does it all.”
The solution is priced at $10 per month per user and customers can secure one of their cloud apps for free for a one-year period.