CASB (Cloud Access Security Brokers)
Gartner defines CASB (Cloud Access Security Brokers) as “products and services that provide visibility into general cloud application usage, data protection and governance for enterprise-sanctioned cloud applications…They deliver capabilities that are differentiated from and generally not available in other security controls such as web application firewalls (WAFs), secure web gateways (SWGs) and enterprise firewalls.”
How Can CASBs Help?
A good CASB should provide tokenization, encryption, and comprehensive key management with the flexibility to address any mix of security requirements. CASBs also help with data protection, data loss prevention, native device management, secure offline data access, automated PII anonymization, and HSM support.
In addition, CASBs need to offer advanced protection to identify and stop threats that are being shared through cloud-based services. This includes capabilities such as adaptive access control, user and entity behavior analytics (UEBA), and virus/malware protection.
Another core CASB use case is to deliver complete visibility into your organization’s cloud usage. Cloud discovery and deep analysis quickly reveal shadow IT activity while providing an assessment of the risk of each cloud service being used.
CASB also enables businesses to better address a broad mix of current and pending global privacy and compliance regulations. This includes the controls necessary to support cloud-based applications under PCI, PII, HIPAA, GDPR, and much more.
What CASB Capabilities Do Experts Look For?
ENCRYPTION happens at the boundary of the enterprise to protect your data at rest, during network transit, in the cloud application layer, API, middleware, memory, and in use (e.g. search, sort). Your data encryption keys are solely held by you for meeting compliance and maximizing the protection of your data.
TOKENIZATION is an essential technology for meeting many compliance regulations. Tokenization masks original data with random characters, and the masking can only be reversed with the product that performed the tokenization. Encryption, by contrast, can be reversed by anyone with the key and the correct algorithm. Tokenization is designed to meet many of the strictest privacy and compliance requirements, including pseudonymization and anonymization.
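The difference from encryption is easiest to see in a small vault-based tokenizer. This is an added example, not CipherCloud code; the `TokenVault` class and its method names are hypothetical, and the card number in the test is a constructed sample.

```python
import secrets
import string


class TokenVault:
    """Illustrative vault: random, format-preserving tokens plus a lookup table."""

    def __init__(self):
        self._token_by_value = {}  # original -> token (same input, same token)
        self._value_by_token = {}  # token -> original (the only way back)

    @staticmethod
    def _random_like(value):
        # Swap each character for a random one of the same class so the token
        # still fits the field format (length, separators) in the cloud app.
        out = []
        for ch in value:
            if ch.isdigit():
                out.append(secrets.choice(string.digits))
            elif ch.isalpha():
                pool = string.ascii_uppercase if ch.isupper() else string.ascii_lowercase
                out.append(secrets.choice(pool))
            else:
                out.append(ch)
        return "".join(out)

    def tokenize(self, value):
        if value in self._token_by_value:
            return self._token_by_value[value]
        for _ in range(100):
            token = self._random_like(value)
            # Reject collisions with issued tokens and the rare draw that
            # reproduces the original value.
            if token != value and token not in self._value_by_token:
                self._token_by_value[value] = token
                self._value_by_token[token] = value
                return token
        raise RuntimeError("token space exhausted for this format")

    def detokenize(self, token):
        # No key or algorithm recovers the value; only this vault's mapping does.
        if token not in self._value_by_token:
            raise KeyError("unknown token: not issued by this vault")
        return self._value_by_token[token]
```

Because the token is drawn at random rather than computed from the data, the mapping table becomes the asset to protect, back up, and access-control.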
DIGITAL RIGHTS MANAGEMENT is essential for offline data protection and access control. Data that is downloaded from cloud applications to a user’s device can still be protected based on predefined DRM policies. When downloaded data needs to be protected from misuse or accidental sharing, administrators can define who has access and retract access to the data, even if it was downloaded and copied to another device, stolen, or lost.
USER AND ENTITY BEHAVIOR ANALYTICS (UEBA). UEBA uses machine learning to monitor user activity, including time of day of activity, attempts at bulk file download, and other anomalous behavior. Any activity that strays from the typical behavior of each individual user is identified as an anomaly, and administrators are immediately alerted to the issue.
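The per-user baseline idea can be sketched with a simple statistical check. This is an added example and a simplified stand-in for a machine-learning model, not the product’s detection logic; the events, function names, and thresholds are constructed for illustration.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample history: (user, hour_of_day, files_downloaded)
HISTORY = [
    ("alice", 9, 4), ("alice", 10, 6), ("alice", 11, 5),
    ("alice", 14, 3), ("alice", 15, 7), ("alice", 16, 5),
    ("bob", 22, 40), ("bob", 23, 55), ("bob", 21, 45), ("bob", 22, 50),
]


def build_baselines(history):
    """Learn each user's usual active hours and download volume."""
    per_user = defaultdict(lambda: {"hours": [], "downloads": []})
    for user, hour, count in history:
        per_user[user]["hours"].append(hour)
        per_user[user]["downloads"].append(count)
    return {
        user: {
            "hours": set(d["hours"]),
            "mean": mean(d["downloads"]),
            # Avoid division by zero for perfectly regular users.
            "std": pstdev(d["downloads"]) or 1.0,
        }
        for user, d in per_user.items()
    }


def score_event(baselines, user, hour, count, z_threshold=3.0, hour_slack=1):
    """Return the reasons an event deviates from that user's own baseline."""
    base = baselines.get(user)
    if base is None:
        return ["no baseline for user"]
    reasons = []
    # Circular distance so 23:00 and 00:00 count as one hour apart.
    nearest = min(min(abs(hour - h), 24 - abs(hour - h)) for h in base["hours"])
    if nearest > hour_slack:
        reasons.append("unusual time of day")
    if (count - base["mean"]) / base["std"] > z_threshold:
        reasons.append("bulk download")
    return reasons
```

Fifty files at 23:00 is routine for `bob` in this sample but an alert for `alice`, which is the point of baselining each individual rather than applying one global threshold.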
ANTIVIRUS ANTIMALWARE PROTECTION (AVAM). Virus, malware, and ransomware protection is provided by our anti-virus anti-malware (AVAM) scanning. Any content that is uploaded to onboarded cloud applications is scanned for the presence of malware, ensuring that content shared within cloud applications is protected. URL link protection and on-premise sandbox integration enable us to discover and remediate many challenging threats.
DATA LOSS PREVENTION (DLP). DLP identifies content in real time and ensures sensitive data is discovered in both structured and unstructured SaaS application objects. When there are policy violations, CipherCloud DLP enforces actions that include alerts, restricted sharing, or automatic encryption of sensitive files, so that cloud applications can be used safely without the threat of confidential or sensitive data being lost.
ADAPTIVE ACCESS CONTROL (AAC). AAC identifies users and authentication activity to provide protection from multiple threats. The platform can block access, even to what appear to be authorized users, based upon platforms used, time of day, originating location, and other signals that might suggest the theft or compromise of authentication credentials, or a sophisticated cyberattack.
CLOUD DISCOVERY AND ANALYSIS. The feature automates the discovery of shadow IT and cloud resources being used across the entire enterprise. This deep visibility is captured in activity logs to support compliance reporting, audit, and forensic investigation.
Interested in Hearing About CASB Use Cases?
Learn How CASB+ Protects Against Data Breaches, Increases Productivity, and Helps with Regulatory Compliance in Our Latest Webinar:
Request a CASB+ Trial Today
CASB+ is powerful and easy to use. Protect confidential and sensitive data at all locations: in the cloud and on users’ devices, even in custom-developed applications, without any complex SDKs or application modifications.