What is a CASB?
According to Gartner, a cloud access security broker (CASB) is a security policy enforcement point, either on-premises or in the cloud, located between cloud service consumers and cloud service providers, whose purpose is to combine and enforce corporate security policies when accessing cloud resources. The CASB is like a policeman enforcing the laws set by cloud service administrators.
Organizations are increasingly turning to CASB providers to address cloud service risks, enforce security policies and comply with regulations, even when cloud services are outside their perimeter and beyond their direct control.
What are the four pillars of CASB?
These are the building blocks of any CASB solution. All pillars are necessary for the program to be effective.
Visibility
Enterprises need to have visibility and control over managed and unmanaged cloud services. Rather than adopting a strategy based on “allowing” or “blocking” all cloud services, IT managers should be allowed to say “yes” to useful services, while regulating access to services, activities and data within them. This would mean the ability to offer full access to an authoritative suite such as Microsoft Office 365 to corporate device users, but only email via the Web to those users with unmanaged devices. It could also mean enforcing a “no offsite sharing” policy across a category of unauthorized services.
While cloud security is the primary objective of a CASB, another value it brings is that it helps you control cloud service expenses. A CASB can help you discover all the services being used in the cloud, report on cloud expenditures, and detect redundancies in functionality and licensing costs. A CASB can provide valuable business and financial information as well as protection.
2. Regulatory compliance
Compliance is an important consideration for organizations when they decide to move their data and systems to the cloud. Compliance standards are designed to ensure the security of people and company data, and disregarding them can lead to dangerous and costly breaches.
Cloud Access Security Brokers can help you ensure compliance in the cloud, whether you are a healthcare organization concerned about HIPAA or HITECH compliance, a retail company concerned about PCI compliance, or a financial services organization that needs to comply with FFIEC and FINRA regulations. A CASB can help protect your business from costly data breaches by enforcing compliance with the standards defined for data in your industry.
Data security
Accuracy comes from the use of highly sophisticated cloud DLP detection mechanisms, such as document fingerprinting, combined with the reduction of the detection surface area using different contexts (user, location, activity, etc.). When sensitive content is discovered in or en route to the cloud, the cloud access security broker (CASB) should allow IT departments the option to efficiently move suspected breaches to their on-premises systems for further analysis.
A more thorough study of threats allows your company to more easily identify and stop malicious activity before it escalates; a CASB can act as a watchdog to facilitate this task. CASBs are experts in both IT and business practices, and take a skillful approach to refining an organization’s security.
4. Protection against threats
Organizations must ensure that their employees are not introducing or spreading malware and threats in the cloud through vectors such as cloud storage services and associated clients and sync services. This means they must be able to examine and resolve threats present on internal and external networks in real time when an employee attempts to share or upload an infected file. It also means detecting and preventing unauthorized access to cloud services and data that can help identify compromised accounts.
A CASB can defend an organization against a large number of cloud threats and malware. It is essential for your enterprise to avoid threats that can combine prioritized static and dynamic malware analysis to develop advanced threat intelligence. Some threats can originate from or spread from cloud services. That’s why proper threat protection can be your lifeline.
What are the three main uses of CASBs?
1. Regulating the use of
CASBs, which are known for their efficiency in detecting Shadow IT behavior, are also useful for managing other aspects of security in the organization. A CASB can regulate cloud usage in your organization with granular visibility and control. Rather than taking a blanket approach by blocking services, CASBs allow you to control usage based on identity, service, activity, application and data.
In addition, you can define policies based on service category or risk and choose from actions such as blocking, alerting, preventing, encrypting, quarantining and policy enforcement advice. Finally, you can use these instances to warn your IT team about actions taken against any policies in place for internal monitoring.
2. Protect your data
Protect and prevent loss of sensitive data across all cloud services in your environment, not just the ones you control. Leverage our advanced enterprise DLP solution to discover and protect sensitive data in cloud services through authorization and en route to or from any cloud service, authorized or unauthorized, whether users are on premises, at a remote location, on a mobile device, or accessing from a web browser, mobile app or sync client. Combat data loss through the use of encryption, tokenization and charge prevention.
3. Protect against threats
Protect against cloud threats such as malware and ransomware. Start with complete visibility into all cloud services, including those using SSL-encrypted connections. Use anomaly detection and threat intelligence feeds, such as which of your users have accounts at risk. Then apply static and dynamic anti-malware detection layers, plus machine learning to detect ransomware. Finally, arm the rest of your security infrastructure with the information you discover, using out-of-the-box integrations and workflows. Threats will continue to refine their strategies, so your CASB vendor should follow suit.