CASB or not CASB?

Read on to understand, what is CASB, why is it important and how can it secure your Cloud environment...

In order to keep up with rapidly changing market demands, organisations have been turning to the Cloud to increase productivity, collaboration and store data. The recent ‘work from home if you can’ advice from the government has accelerated this upward trend in cloud services adoption globally.

In-turn however, this process of ‘disappearing the network perimeter’ threatens the ability to provide security, visibility and control within cloud applications. One technology available today to help overcome these challenges is the Cloud Access Security Broker (CASB). 

 

What is CASB? 

Gartner defines a CASB as: “on-premises, or cloud-based security policy enforcement points, placed between cloud service providers and cloud service consumers to combine and interject enterprise security policies as the cloud-based resources are accessed.”

Fundamentally, a CASB addresses security gaps in an organisation’s use of cloud-based services so you can centrally control and secure your business' cloud activity.

Capabilities of CASB

There are a myriad of CASB solutions available, with varying degrees of functionality and sophistication. Gartner uses the following four pillars as criteria against which the CASB market is measured:

  • Visibility
  • Data security
  • Threat Protection
  • Compliance
How CASB helps with visibility

You can’t control what you can’t see, and you can’t secure what you can’t control. When it comes to cloud security, knowledge is power. A CASB can provide a consolidated view of an organisation’s cloud service landscape and details about the users who access data in cloud services from any device or location. This level of visibility enables IT operations to determine who is accessing both sanctioned and unsanctioned apps, providing insight to Shadow IT

Data Security

Organisations must ensure that data is stored safely and securely in the cloud and feel confident that they are fulfilling shared security responsibilities. CASBs provide the ability to enforce data-centric security policies to prevent unwanted activity based on a number of factors, such as; 

  • data classification
  • data discovery
  • user activity monitoring
Threat protection


A CASB must ensure an adequate level of threat protection to warrant the use of cloud services without security risk. Organisations need to be able to identify risky users in their system and have the autonomy to control and stop unauthorised applications or activities. CASBs prevent unwanted devices, users and versions of applications from accessing cloud services by providing adaptive access controls (AACs).

Other threat protection capabilities include embedded user and entity behaviour analytics (UEBA) for identifying anomalous behaviour, and the use of threat intelligence, network sandboxing, and malware identification and remediation. 

Compliance

Organisations must ensure compliance with all regulatory requirements and be able to demonstrate that they are governing the use of cloud services. Through their various visibility, control and reporting capabilities, CASBs assist efforts to conform to data residency and regulatory compliance requirements.

CASB & DLP

In most organisations it is recommended to deploy CASB early in the cloud journey as this will identify any shadow IT occurring, and consequently may drive adoption of certain services over others. In our experience CASB can be more quickly and efficiently deployed at the beginning of any cloud journey, then providing a solid bedrock to overlay DLP policies later on (6 / 12 months later in most cases).

The utopia here is having Data discovery and classification tools initially identifying and typing data regardless of its creation location, correctly “flagging” this data so that the proper DLP and CASB policies can then be applied in an automated fashion. For the business this means that all data is instantly classified by a dynamic engine and the relevant policy applied to said data and any ancillary applications that may be leveraged by it, providing a constant and consistent policy across the entire organisation.

Interested?

Want more information?

Get in touch with us