A Cloud Access Security Broker is a security solution that is meant to protect cloud applications and infrastructure, from SaaS to IaaS and PaaS. In its latest cloud security report (Read a Complimentary Copy here), Gartner provides guidance on what to look for in a CASB and how to leverage a CASB to secure all cloud services.
Two fundamentally unique responses emerged to the growth of cloud computing: the cloud-adverse mindset and the cloud-positive mindset. Individuals of the cloud-adverse mindset feared the growth in cloud use and attempted to restrict it through legacy on-premises philosophies and solutions.
Progressive individuals adopted the cloud-positive mindset, choosing to embrace the growing ubiquity of cloud technologies as an opportunity to not only improve organizational efficiency and collaboration - but recognize the expansion of cloud technologies as a chance to reimagine and improve security. Now, business and IT security were no longer at ends with one another; they were aligned around a common goal.
As the CASB market took shape, two diametrically-opposed approaches became clear:
The refusal of the traditional approach to evolve with users and cybercriminals proved limiting, as cyberthreats continued to plague organizations. As the CASB market matured, security strategists, vendors, and analysts alike began to shift to the new cloud enablement mindset, recognizing the realities of the BYOD and cloud-centric universe we now live in, where a growing volume of traffic never traverses the corporate network, including both the on-premise network and managed mobile devices.
The cloud-native, API-based platform approach has come to dominate. Only API-based CASB & Cybersecurity platforms can provide:
CASBs cover a key set of use cases, including Threat Protection, Data Security, Compliance, and Visibility; however, there are significantly different approaches to providing this functionality. Gartner again provides guidance:
Shortlist CASB vendors based on those that are the least disruptive to your current environment, while still delivering the visibility and control options you require.*
While CASBs have traditionally focused on SaaS services, support for IaaS and PaaS is quickly becoming an essential, non-negotiable requirement. Organizations are re-evaluating their entire application portfolios and "cloudifying" their traditionally internal apps.
Moving homegrown apps to the cloud requires a dramatic re-thinking of security. While IaaS solutions such as AWS are responsible for securing the infrastructure, security is inherently a shared responsibility. For apps hosted in an IaaS or PaaS environment, organizations no longer need to focus on the security of the infrastructure itself, but need to target user behavior and data exposures. CASBs need to keep pace.
Source: Gartner (May 2016)*
Favor CASB vendors that have a desire and the roadmap to extend common feature sets to multiple types of SaaS applications and other cloud services (IaaS and PaaS) from a single console.*
CASBs do not operate in a vacuum. Rather, they should be considered an integral part of the larger cybersecurity strategy and security stack. As such, CASBs offering high extensibility and interoperability are considered highly preferential to point integrations.
The value of CASB solutions increases dramatically through their ability to orchestrate security across complementary solutions, including Identity and Access Management (IAM), Next-Generation Firewall (NGFW), Secure Web Gateway (SWG), Malware and Threat Emulation, Security Information and Event Management (SIEM). By correlating threat intelligence and automating response actions across formerly disparate solutions, CASBs increase the effectiveness of security programs. Gartner concurs:
Look to "piggy back" new spending in SaaS applications to ensure that CASB and IAM, at a minimum, are accounted for in upcoming enterprise architecture discussions.*
If you haven’t yet deployed a CASB, you aren’t alone. The CASB market is still nascent; however, adoption is increasing rapidly: “By year-end 2017, the cloud access security broker (CASB) market will reach $500 million, from less than $200 million today.”*
Deploying a CASB is quickly becoming a mandatory control.
Investigate where in your infrastructure security architecture program you can look to rightsize spending on technology, so that CASB is added to your architecture if SaaS is being adopted or is already in use.*
Companies of all types and sizes are choosing to deploy a CASB, and over 700 of them have chosen CloudLock.
See Cisco Cloudlock in action from one of our cloud security experts
Your browser version is outdated.
We would recommend you upgrade to a recent version to ensure that you have a good experience on the CloudLock site. Outdated browsers also increase your security risk. So please update your browser and come back later!
Click on the icon below to download the latest version of your browserClose