What is CASB?
What is CASB?
Migration to cloud had begun from the turn of the millennium. However, now organizations are beginning to move their business critical and sensitive systems, including data from Human Resources and Customer Relationship (CRM) to cloud. Now it is time to gain total visibility on how these sensitive data is accessed, updated, and moved.
Cloud Access Security Brokers or commonly referenced as CASB provides the capabilities to organizations to effectively secure and monitor their cloud-based data. CASB began by looking at the cloud problem of Shadow IT but nowadays it has matured to network traffic inspection to obtain the visibility on how data is being accessed and transmitted, giving the possibilities to apply security policies.
Why do you need CASB?
Some of the major challenges organizations have are:
- Pushing their on-premises DLP capabilities to cloud
- Identification of cloud account compromises
- Shadow IT threats
- Continuous monitoring of cloud applications and the ever increase in API usage
- Protection for a workforce who continue to be highly mobile
- Separation of duties between the cloud consumer and cloud provider not clearly defined and owned
What does CASB do for you?
Key must have features of a CASB:
| AUDIT | ● User and Entity Behavior Analytics (UEBA) to determine deviation from baseline ● Ability to profile patterns based on application, data and cloud usage ● Provide actionable items to security operations to main posture |
| DATA SECURITY | ● Single tool to provide a view on where the data resides ● Close tracking of data movement ● Integration with cloud systems ● Integration with current security toolset ● DLP enforcement ● Deep network traffic visibility ● Encryption/tokenization techniques to provide data protection controls |
| CONFIGURATION COMPLIANCE | ● Alignment to industry best practices and benchmarks from NIST, CIS, CSA |
How do you consume CASB?
There are numerous methods when deploying CASB. Each of them should be evaluated in line with the business requirements and how technology is the enabler. Some of the methods available are,
| API Integration | ● Out of band implementation with integration between the CASB tool and cloud environments |
| Agent/Forward Proxy | ● In line implementation with visibility on activities by managed assets for both managed and un-managed applications and data |
| Agentless/Reverse Proxy | ● Agentless implementation with visibility on activities by managed and un-managed assets for managed applications and data |
Business considerations when choosing a suitable CASB technology,
- Prioritize your applications to aid the determination on the critical ones to be part of the CASB pilot
- Identify current technologies in production which can integrate with the CASB solution
- Investigate the suitability of using the methods described above, especially when utilizing more than one to achieve the target objectives.
As organizations move business critical and sensitive systems and data to cloud, the application use cases also increases which further places security strain on the residence and movement of data.
