Cloud computing has matured considerably in recent years, and with its innovation, faster collaboration and communication, and ease of use, it is becoming an integral part of business. However, with the increased use of cloud computing, data that would once have resided within the organization's perimeter is now moving beyond the walls of the organization. In this era of cloud and BYOD, CYOD, and COPE, it is much easier to make data available anytime and anywhere, but maintaining an efficient security posture at the same time is becoming a big challenge.
Security is at the top of every organization's list and is a shared responsibility between the service provider and the customer. Even though the cloud service provider provides an optimum level of security for the applications hosted on its platform, it is difficult for the provider to gain deeper visibility into, and control over, the risks associated with user behavior. Visibility into access from outside the organization's network or from a personal device is also limited, which calls for a fresh look at security in the cloud.
Cloud access security brokers (CASBs) are a category of security tools that help enterprises safely enable cloud apps and mobile devices. CASBs are on-premises or cloud-based security policy enforcement points, placed between cloud service consumers and cloud service providers to combine and interject enterprise security policies as cloud-based resources are accessed. CASBs consolidate multiple types of security policy enforcement. Example security policies include authentication, single sign-on, authorization, credential mapping, device profiling, encryption, tokenization, logging, alerting, malware detection/prevention and so on.
CASBs work by intermediating traffic between cloud apps and users. Once proxied, these tools provide:
- Visibility—audit logs, security alerts, compliance reports, etc.
- Data Security—access control, data leakage prevention, encryption, etc.
Together, these functions fill in the gaps otherwise encountered when an enterprise moves from internal, premises-based applications to the cloud. For enterprises in heavily regulated industries, like finance and healthcare, use of a CASB might be the only practical approach to enabling cloud apps. More broadly, any organization with sensitive data to protect would be well served by considering this emerging solution category.
The four pillars of CASB are:
- Visibility
- Compliance
- Data Security
- Threat Protection
By using cloud access security brokers, organizations can:
- Identify what Shadow IT cloud services are in use, by whom, and what risks they pose to the organization and its data
- Evaluate and select cloud services that meet security and compliance requirements using a database of cloud services and their security controls
- Protect enterprise data in the cloud by preventing certain types of sensitive data from being uploaded, and encrypting and tokenizing data
- Identify potential misuse of cloud services, including activity from both insiders and third parties that compromise user accounts
- Enforce differing levels of data access and cloud service functionality based on the user’s device, location, and operating system
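The Shadow IT discovery described in the first item of this list can be illustrated with a small analysis of web proxy logs. This is an added example, not code from the article or from any CASB product; the log format, the sanctioned-service list and all host and user names are constructed assumptions.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed allow-list of sanctioned cloud services (assumption).
SANCTIONED = {"sharepoint.example.com", "crm.example.net"}

# Constructed proxy log lines: timestamp user method url bytes_sent
SAMPLE_LOG = """\
2024-05-01T09:00:01Z alice PUT https://sharepoint.example.com/docs/q1.xlsx 52000
2024-05-01T09:02:10Z bob POST https://files.unsanctioned.example/upload 7340032
2024-05-01T09:03:44Z bob GET https://files.unsanctioned.example/list 0
2024-05-01T09:05:00Z carol POST https://paste.unsanctioned.example/new 2048
2024-05-01T09:06:30Z alice GET https://crm.example.net/accounts 0
malformed line without enough fields
2024-05-01T09:07:12Z bob POST https://FILES.unsanctioned.example:443/upload 1048576
"""

def discover_shadow_it(log_text, sanctioned=SANCTIONED):
    """Return {host: {"users", "requests", "bytes_up"}} for unsanctioned hosts."""
    report = defaultdict(lambda: {"users": set(), "requests": 0, "bytes_up": 0})
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5 or not parts[4].isdigit():
            continue  # skip malformed records rather than guessing
        _, user, method, url, sent = parts
        host = urlsplit(url).hostname  # lower-cased, port stripped
        if not host or host in sanctioned:
            continue
        entry = report[host]
        entry["users"].add(user)
        entry["requests"] += 1
        if method in ("POST", "PUT"):
            entry["bytes_up"] += int(sent)  # outbound data is the leakage signal
    return dict(report)

def rank_by_upload(report):
    """Unsanctioned hosts ordered by uploaded bytes, largest first."""
    return sorted(report, key=lambda h: report[h]["bytes_up"], reverse=True)

if __name__ == "__main__":
    rep = discover_shadow_it(SAMPLE_LOG)
    for host in rank_by_upload(rep):
        r = rep[host]
        print(host, sorted(r["users"]), r["requests"], r["bytes_up"])
```

The output answers the three questions in that item: which unsanctioned services are in use, by whom, and how much data is leaving through them.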
Choosing a CASB is not an easy task. While many providers focus on limited areas of the four CASB functionality pillars, most organizations prefer to select a single provider that covers all use cases. Skyhigh Networks, Symantec and Netskope are some of the leaders in CASB, while CipherCloud and Cisco are challengers, according to Gartner's Magic Quadrant for Cloud Access Security Brokers.
Sandesh Segu
Sandesh Segu is Principal Solutions Architect at Enmarq Technologies.