The meaning of CASB and “what you need to know before purchasing”

Cloud Access Security Brokers (CASB) are considered central data authentication and encryption hubs. Everything that businesses use in the cloud and on premises is targeted, and all endpoints, including personal smartphones and tablets, connect. Before the CASB era, corporate security administrators had no visibility into how data was protected. Bring Your Own Device (BYOD) and unmanaged devices are becoming more common in the enterprise, so data could be compromised by someone else’s smartphone or tablet connection.

 

 cloud computing emerged, businesses needed a way to consistently secure multiple clouds and protect everyone who uses the data. In this situation, CASB has emerged that helps businesses and organizations understand deeper visibility into the use of the cloud and SaaS, from individual file names and data elements.

 

A number of named suppliers have acquired CASB solution vendors. Oracle is the Palerra, IBM is the Gravitant, Microsoft is Adallom, Forcepoint is Skyfence, Proofpoint is Fire layer, (FireLayer), Symantec acquired Skycure, and McAfe acquired Skyhigh Networks. Three companies still remain independent CASB developers: CipherCloud, Netskope, and Bitglass.

 

CASB

CASBs as important as firewalls have matured. But it is also a matter of degree. Even the first developers to enter this market were only a few years after they sold related products. Anyway CASB has developed. Many analysts have noticed that CASB is not as important as the firewalls of the days when trucking companies bought PCs.

Gartner predicts that by 2020 companies using CASB will outnumber companies that do not use it. In this regard, the percentage of companies using CASB as of the end of 2017 is only 10%.

 

Several years ago, many companies bought CASB to respond to “Shadow IT.” And now many companies are considering using it as a standard operating procedure. IT managers may hear from enterprise dropbox sales representatives that hundreds of corporate users are using their personal dropbox accounts. This is unwelcome ‘information’.

 

Initially, CASB developers were involved in this context. With CASB, you can find and protect all the places where your company’s cloud data is located. Traditional security tools do not provide this visibility, especially in cases where network traffic can not be seen in enterprise data centers. “Companies want to control all of their data, including data that is not in their assets,” Steve Reilly, of Gartner, said.

 

Enterprise IT managers have had an amazing experience using CASB for the first time. When we first deployed, we found that cloud services are used 10 times more than their estimates. This has become a very big ‘selling point’. This was good at the time of

 

the latest CASB

, which is in line with modern IT and threat situations . However, the latest CASBs have become more complete and integrated into complex enterprise security. Many developers connect their products to email servers, track web applications gateway devices, connect to identity management systems, and provide single sign-on (SSO) tools to track and prevent accidental or deliberate data breaches have.

 

Enterprise IT managers want to control and manage cloud data beyond ‘first login’. The authentication tool now requires more than a ‘binary’ user login check, ‘yes and no’. In other words, it calls for so-called risk-based or adaptive authentication. Simply put, you want to strengthen the certification test so that critical content is not in the hands of criminals. Some CASB developers are now integrating these tools into their products.

 

Another factor driving CASB expansion is the increasing number of rules and known data breaches that can be observed in the EU’s General Data Protection Regulation (GDPR) enactment. The CASB can show the point where a hazard occurs in one place and summarize the problem. Helping the security team quickly focus on suspicious behavior. It is not easy for other kinds of products. An example of this is the Risk Summary dashboard from ForcePoint, as shown in the following figure

 

 

In addition, the adoption of cloud computing has accelerated and CASB has become more persuasive. In a related blog post, JBarber, Masergy’s director of security product management, which sells several vendor’s managed CASB services, explains a shared security model between cloud and on-premises applications, “Managing IT and passwords for employees is a security risk, and the user experience is worse.”

 

Only a few years ago, only a handful of companies had migrated to Google or Microsoft’s cloud-based email. But that was only the beginning. Microsoft has introduced an attractive licensing model to encourage businesses to use Office 365 instead of installed software.

 

Many companies have speeded up procurement of cloud resources from multiple vendors. Tools like CASB were needed to eliminate the security ‘gap’ of distributed resources across multiple clouds, including AWS and Azure. CASB has emerged as an essential security tool as companies move or deregister resources from the internal data center to the outside world.

 

Finally, the threat situation has evolved. Threats are often mixed and have changed significantly over the years. With the use of multiple exploits and evasion techniques, it became much more difficult to detect malware. As the attack became more sophisticated, even experienced IT staff increased the amount of phishing attacks that were difficult to identify. Or exploits the features and features of cloud services to infect millions of users by spreading threats in an instant.

 

In addition, the following four contributed to the introduction and expansion of CASB. First, security personnel can quickly learn. These tools are easy to implement. Dashboards provide easy-to-understand reports. It is much easier than establishing and arranging firewall rules and establishing policies on DLP products.

 

Second, CASB has become a comprehensive solution. Meaning that it supports many applications. The latest products have a limited number and types of applications that can be protected. However, this part has greatly expanded. For ForcePoint, it claims to be able to “spin up” a solution to support any custom app in a matter of days.

 

Third, managed service providers, such as Marcy, have resolved to resell several CASB solutions, including Bitglass. This helps small businesses, and companies that want to deploy CASB tools faster. Given that most CASB products are cloud-based, it’s a good idea to get help from a 24/7 security monitoring vendor, such as Marge.

 

Finally, multimode operation has expanded. CASB operates in one of three modes. In addition, more products support more apps in each mode.

 

– Forward Proxy: Usually distributed with an endpoint agent or VPN client.

– Reverse Proxy: Provides greater help for devices that do not need an agent and do not manage.

– API Control: Provides visibility into data stored in the cloud repository (repository) and data used only in the cloud, not into the corporate network.

 

Some vendors have distributed these features across multiple products. For example, Cisco only supports API access in CASB and Proxy in Umbrella products. In some cases, you may need to purchase CASB products that are “prerequisites” like Microsoft.

 

How to Buy and Consider the Right CASB Solution

Before you start evaluating, make sure you can use one of the CASB vendor’s free service plans to search the cloud portfolio. Cofense has a service called Cloudseekr. This also provides these services (but does not sell CASB solutions).

 

Many vendors offer a trial of a limited number of apps or services for free during the first month. This allows you to determine the extent and size of the exposure, and the tools that are appropriate for your infrastructure (see the end of this article for links to free trials).

 

Here are some things to consider before purchasing CASB.

– Select the most important app to pilot the first CASB project. And after running the product on a small scale, expand it.

-Determine if you need to integrate with existing IDaaS / SSO tools.

– Do not see cloud connections as simple ‘yes and no’ authentication events. How and when more granular authentication is required, and whether to deliver this functionality through the CASB.

– Determine if and how the product supports “site” data encryption.

– Investigate as many use cases as possible and investigate multimodal CASB for flexible application. For each of the three modes of operation, you should identify the drawbacks and limitations of the product.

– Investigate whether the product integrates with its secure web gateway, application firewall, data loss prevention tool, and email system. Compare and evaluate the functions provided by CASB and the functions they use.

– Calculate the cost. According to Gartner, some cloud apps cost $ 15 per user per year. The coverage is more inclusive, there is no limit to the number of cloud apps, and a solution that supports multimode costs $ 85 per user per year.

 

Major CASB developers The

following links provide trial versions of major CASB vendors.

– Bitglass – CipherCloud

Cisco CloudLock

– Forcepoint CASB

– IBM IBM Managed Cloud Services

– ManagedMethods

– Masergy

– McAfee / SkyHigh Security Cloud – McAfee / SkyHigh Security Cloud )

– Microsoft Cloud App Security

– Netskope video demo

– Oracle CASB Cloud Service

– Palo Alto Networks Aperture

– Proofpoint CASB –

– Symantec / Sky Cure (Symantec / Skycure) video demo

Leave a Reply

Your email address will not be published. Required fields are marked *