This post was originally published here by Salim Hafid.
Many in the security industry have heard about CASBs (cloud access security brokers) as the go-to solutions for data and threat protection in the cloud. But where exactly do CASBs slot in? If you already have a NGFW (next-gen firewall) or perhaps a secure-web-gateway-type solution, why invest in deploying a CASB?
Below, we will hone in on three of the most common real-world use cases for a cloud access security broker.
External Sharing
Most cloud applications have some form of built-in external sharing control. Perhaps an administrator is able to revoke access to certain documents, set granular permissions across the organization, or block sharing on the whole.
For organizations with multiple cloud apps, setting these controls within each app can be cumbersome. What’s more, not all apps share the same security capabilities. While Office 365 may feature granular sharing controls, an enterprise messaging app like Slack, which also enables external sharing, does not. A lack of feature parity across applications contributes to a core CASB use case – the ability to set external sharing controls for any app. This is done by leveraging APIs provided by each app vendor.
Cloud Malware Protection
Perhaps all managed endpoints in your organization feature some sort of malware scanning – a traditional and reliable approach to blocking known malware once it hits the device. The cloud malware challenge, however, is a whole different ballgame.
Cloud malware comes in many forms and is a major threat because of the rate at which it spreads. Say a spreadsheet with embedded malware is uploaded to a cloud application. That malware is likely to remain at rest in the cloud and can easily be transmitted to a connected cloud application or downloaded to a user’s device. Without cloud malware protection, IT has no way of identifying these threats. Cloud apps, intended for productivity and improved security, instead become a means of malware distribution. Only a CASB, with threat prevention capabilities that stretch across applications, can detect malware in real time as it’s uploaded. By combining a best-in-class AI-based malware engine with multi-protocol proxies, Bitglass helps organizations in every sector limit the risks of cloud malware.
Unmanaged Device Access Control
The most critical of CASB use cases is the ability for an organization to control access from unmanaged devices. Demand for bring your own device (BYOD) programs has reached unprecedented new heights, pushing IT departments to rethink their security stances with respect to unmanaged device access.
Given that employees are likely to work around IT if they are unable to work from their personal devices (particularly in the age of cloud where off-network access is highly common), steps must be taken to extend secure access to unmanaged endpoints. With a CASB, enteprises can focus on protecting data as opposed to protecting devices or infrastructure. IT-defined policies can prevent downloads of sensitive data and apply protections with built-in data loss prevention (DLP). Identify, remediate, and secure sensitive corporate data in any app, any device, anywhere.
Photo:Kennesaw State University | Online Learning