“Cloud-first” is one of the frequently discussed strategies in every boardroom today. While migrating resources to cloud brings more agility and flexibility to business operations, securing those resources is a completely different ball game and opens multiple pathways for accessing cloud-hosted resources. Specifically, how to operationalize a mobile workforce with direct-to-net application access, while maintaining full visibility, protection and control of the applications, data, and users connecting with mobile or BYO devices, raising the following questions:
How to create a protection layer around sensitive data in the cloud?
How to monitor and put controls on devices outside the corporate networks from accessing the cloud resources?
CipherCloud Cloud Access Security Brokers Plus (CASB+) offers a zero-trust cloud security framework for enterprises adopting cloud services, ensuring confidential and sensitive data is protected across all locations – in the cloud and on users devices. While CASB+ is a multi-mode solution, offering both API and proxy-based support, this blog focuses on CipherCloud’s Mobile Connect, using reverse-proxy capabilities and solving for securely connecting employees, partners, and vendors that are accessing business SaaS applications using unmanaged and BYO devices.
CipherCloud Mobile Connect utilizes a technology called reverse-proxy mode. In reverse-proxy mode CASB+ sits between between the enterprises and cloud applications, and all the traffic destined for the cloud is redirected (or proxied) through the CASB. Since it is an “inline” deployment, the sensitive data is detected in motion by CASB+ and can be protected before it reaches the cloud. This ensures data always resides in the cloud in a secure form.
CipherCloud Mobile Connect empowers organizations to easily and securely provide both managed and unmanaged mobile devices access to business applications. Mobile Connect, using reverse-proxy, redirects users to CipherCloud CASB+ and applies security controls such around corporate data going to and from the cloud, applying enterprise-class encryption, tokenization, malware protection, and audit monitoring for any of your information before it goes to the cloud. The reverse-proxy architecture connects all your users – internal, remote, or on mobile devices – seamlessly to the cloud applications, while allowing security policy enforcement to prevent data loss. CipherCloud Mobile Connect offers two major advantages:
- Agentless solution, ensuring quick, friction-less and scalable deployment
- Controlling traffic from both managed and unmanaged devices through the proxy deployment.
CipherCloud Mobile Connect Differentiators
- Any cloud support: Protection for all popular SaaS cloud applications including Office 365, Salesforce, Box, Dropbox, ServiceNow, SAP SuccessFactors, Slack, ZenDesk and Atlassian.
- Real-time data protection: Granular, field-level control over both structured and unstructured data, with industry-leading encryption, tokenization, native digital rights management and zero-trust key management to address any mix of security requirements.
- Email data protection: Routing emails through a secure email gateway for real-time email scanning, identifying and masking sensitive content from subject and body, encrypting sensitive attachments and ethical firewalling.
- IDaaS Integration: Integration with IDaaS solutions such as Okta, Ping and Thales for step-up authentication and multi-factor authentication. 100% control with entire post-session SSO passing through reverse proxy.
- Adaptive access controls for mobile devices: Controlling accessing to BYO and unmanaged devices, with contextual risk assessment of users, devices and locations.
CipherCloud’s continued focus on innovation and its feature-rich CASB+ offering has received the highest sum rating in Gartner’s Critical Capabilities Report. Download a copy of the report today!