Great question!
In today's world of all too frequent data breaches and cyber-hacking, you've probably already done your due diligence to protect the data on your network and managed endpoints - desktops, laptops, mobile and smart devices. However, with the exponential growth of Cloud services, existing and legacy security tools just can't cut it!
The rapid adoption of cloud apps, services, and mobile devices has resulted in data going to places where traditional security technology is blind ~ Netskope
A Cloud Access Security Broker (CASB - pronounced 'cas-bee') is the security platform for the Cloud era. CASB's are on-premises or cloud-based security policy enforcement point that is placed between cloud service users and cloud service providers to combine and interject enterprise security policies as cloud-based resources are accessed. They help organizations extend current on premises security controls to the cloud for Data Loss Prevention (DLP).
The enforcement point between the network and internet is clear: it’s at the network edge. In the cloud era, there is not a single enforcement point that covers all CASB functionality and access scenarios. CASBs leverage forward proxy, reverse proxy, and API modes of deployment to gain visibility into and enforce policies across cloud services, and each has its own set of functionality and coverage ~ McAfee
CASB's offer a variety of features typically categorized as Visibility, Compliance, Data Security and Threat Protection. Ever expanding Cloud usage along with growing maturity of CASB solutions, continues to drive the number of enterprise implementations, with current deployment rate of about 20%, but Gartner predicts that number will jump to 60% by 2022.
McAfee touts the features, benefits and use cases of CASB's as:
Protecting enterprise data in the cloud by preventing certain types data from leaving trusted cloud services via file sharing and email
Enforcing different levels of data access and cloud service functionality based on the user's device, location and operating system.
Identifying potential misuse of Cloud services including both activity from insiders as well as third parties that compromise users accounts.
Applying consistent protection to corporate information in Cloud using encryption that is controlled by the enterprise, not the cloud provider.
Auditing the configuration of cloud services to identify misconfigured settings and user accounts with excessive permissions that expose data to compromise.
Identifying what shadow IT cloud services are in use, by whom and what risks they pose to the organization and its data.
Gartner also lists the major players in the space as - Netskope Security Cloud, McAfee SkyHigh, Symantec CloudSOC and Bitglass Next-Gen CASB according to their 2018 Magic Quadrant for CASB's.
In summary, CASB's provides operational insight and actionable intelligence on the movement of sensitive data in Cloud based services so enterprises can securely leverage the Cloud to accelerate their business.
If you have questions or want to talk about enhancing your data protection capabilities, contact BreezeIT today and let us help you select, design and implement the right data security solution for your business.
More Info
Comments