By Salah Nassar, Vice President of Marketing, CipherCloud
Without a doubt, the top focus at the RSA Conference 2020 was human/people-centric security. This year’s conference messaging focused on the Human Element – which makes perfect sense. We are in a time of cloud mobile digital transformation, in which organizations are adopting a cloud-native or a cloud-first initiative — especially for collaboration and infrastructure.
This year saw a record number of vendors showcasing best-in-class and best-of-breed technologies. This is a great thing for the market. The only way the security and cybersecurity industry can keep up or stay ahead of bad actors is to continue to focus on best-of-breed technology.
There were dozens of vendors in every security category, including endpoint, edge security, connectivity optimization, privacy, data protection, and configuration management. They all had one thing in common: They are solving for the cloud-mobile environment. Their solutions are focused mainly on cloud delivery as a service. The security world is moving to solve for the cloud environment and deliver cloud-based solutions.
The ever-growing cloud mobile world
We’ve all seen the weekly barrage of news about the growing number of security breaches and the almost total failure of our legacy cybersecurity architectures. The transition to a cloud mobile world has happened faster than any of us had anticipated, and is partly why many breaches have happened: Forgotten open shares, poor access controls, malicious insiders or accidental mistakes. All pointing back at users – the human element.
Today, the new normal is that your enterprise might have several cloud deployments…perhaps a mixture of private and public clouds hosting internally developed applications such as accounting, finance, or special manufacturing operations software, along with public clouds providing software as a service (SaaS) applications such as Slack, Box, Office 365, Salesforce and others. This cloud mobile world requires that you administer cloud environment separately. Each has different security capabilities. Of course, integration between these clouds and existing on-premise systems is the complexity icing on the cake. So many security stacks and very little in the way of consistency.
The cloud mobile world is tied directly to the explosion in wireless and mobile devices. Most employees expect to access enterprise resources from their mobile devices, and organizations often don’t have the policies and security controls in place to put the guard rails on this access.
The cloud has also created some dangerous temptations. Many employees on authorized corporate platforms access cloud applications that might fail to protect confidential data and violate compliance requirements. Yet the enterprise has no visibility to any of this.
Meeting cloud mobile security challenges with CASB+
CASB+ is tailor made to address the security challenges with the cloud mobile digital transformation. Here is how CASB+ can help.
- Integration with the cloud mobile world. CASB+ provides the integrations you need to share information between systems using native application program interfaces (APIs). This consolidation reduces the complexity of trying to use multiple security solutions. You can administer policies consistently across the cloud and other platforms.
Read CASB+ overview to learn more.
- Visibility that gives you control. CASB+ enables you to see and log all activity to your authorized clouds. This gives you the data you need to support compliance, secure sensitive data more effectively, and shut down access to malicious and anomalous activity. Most important, you have visibility of potentially unauthorized and out-of-policy activity that places your organization at risk.
Learn how CASB+ Shadow IT Discovery provides you complete visibility on all cloud applications being utilized by your company
- Cloud Data Loss Prevention (DLP) – integrate or stand alone. Cloud DLP is essential to prevent leakage of sensitive data. CASB+ provides one consistent DLP interface that you can use across the variety of clouds you deploy, even your custom applications. Yet you can also integrate CASB+ with your existing enterprise DLP products so that policies can be applied consistently across your enterprise. Most important, with out-of-policy behavior comes the ability to revoke access to content at any time. This could be critical to prevent a data breach.
- Zero Trust encryption – beyond “at rest” encryption. First-generation CASB solutions with “at rest” encryption are no longer enough to protect your clouds. Attackers have successfully breached the APIs that have enabled them to compromise even encrypted cloud data.
CASB+ brings a comprehensive encryption solution that protects data no matter where it is — “at rest,” in network transit, in the cloud application layers (API, middleware, memory), and in use. Data encryption keys are retained only by you; they are never shared in the cloud. CASB+ enables single key management and a consistent approach to policy controls for all of your cloud applications.
Learn how CASB+ cloud encryption protects your sensitive data in case of a breach.
- Zero Trust human-centric policies based on user behavior and threat protection. CASB+ includes integrated advanced threat feed data that is used by the CASB+ engine to detect and shut down malware quickly. You can leverage your existing security ecosystem to optimize response to malware threats. Technologies such as user experience behavior analysis (UEBA) and advanced access control (AAC) can detect anomalous behavior by a user with valid credentials and block their access to your data. Examples of anomalous behavior might include a user downloading several gigabytes of files at 2 a.m., or attempting a valid log-in from Beijing only two hours after logging in from Chicago, Illinois.
CASB+ User and Entity Behavior Analytics (UEBA) performs continuous monitoring of users, devices and application activities for real-time detection and remediation of anomalous user behavior.
- Zero Trust identity controls with SAML integration and single sign-on (SSO). CASB+ provides full support for SSO integration to streamline and protect authentication, and to maintain comprehensive logging of user access.
In summary, CASB+ technology gives you the strong security you need to support the cloud mobile digital transformation. CASB+ will help you reduce expense, avoid cumbersome administration of multiple and disparate security stacks, and improve your user experience substantially.
Centralized administration, ease of use, and powerful best-in-class functional capabilities make CASB+ an important choice for your enterprise.
The future of cloud security: CASB+ as a foundation for SASE
Gartner has recently introduced a new cloud architecture, Secure Access Service Edge (SASE), pronounced “sassy.” SASE is the future of cloud architecture, solving the complexity of siloed security infrastructure, policies, and measures that are currently divided among on-premise security, legacy solutions, and cloud security.
While this concept is not new, the closest architecture that discussed continuity between on-premise security and cloud before SASE has been the Zero Trust Framework by Forrester. The difference with SASE is that it proposes an architecture we can see taking shape today. Starting with Cloud Access Security Brokers, Software-Defined WANs, Virtual Private Networks as a Service, Firewalls as a Service, Secure Web Gateways, Cloud DNS Services, and Software Defined Perimeter solutions, it is clear that we are in a cloud-first security environment. The only on-premise solutions left are either for industry-specific security measures (for example, governments) and large organizations that require hybrid deployment for the foreseeable future.
CASB+ is focused on replicating the kitchen sink of on-premise security, rearchitected for scale, advanced functionality, centralized management, and ease of operations, to provide organizations the right solutions to maintain full visibility of users and data, protection against zero-day threats, ransomware, data breaches, malicious insiders, and protection of data at rest and in motion.
However, the power of CASB+ comes in its ability to integrate with enterprise applications and legacy solutions, allowing customers to extend their investment of on-premise solutions such as endpoint and network DLP, integrate with new cloud focused architectures such as SD-WAN and IAM/SSO solutions, and help operationalize security (specifically cloud security) through integrations with SOC applications for SEIMs, EDR, threat hunting, UEBA, and more.
Join this live webinar discussion on March, 19, 2020 where industry experts will provide valuable insights on the impact of CCPA on cloud security and how CASB+ enables your organization to remain CCPA compliant while pushing the cloud-first strategy.