In its most recent cloud security report, Gartner provides valuable guidance into the rapidly-growing CASB market. Read this complimentary report for insight into the market definition, direction, analysis, and recommendations, as well as an overview of representative vendors, including Cloudlock.
Gartner defines the market according to 4 main pillars.
What apps – both authorized and unauthorized – are being used by your employees? How often and when are they using these apps? Such visibility grants organizations the much-desired insight into the Shadow IT side of
Cloud access security brokers offer an opportunity to understand if your organization is complying with regulations, such as HIPAA, PCI, FISMA, and so on, through data governance.
Referring to not only encryption and tokenization, but also data loss prevention. What data is being accessed? What data is being shared? Is it being shared in a way that is harmful to the organization? Is my intellectual property being safeguarded?
In order to effectively offer threat protection, CASBs look at internal users and malicious outsiders to evaluate the potential risk of behaviors. For instance, are users – trusted or otherwise – accessing information they should not have access to? User and entity behavior analytics (UEBA) is key here.
Through 2020, 95% of cloud security failures will be the customer's fault.*Complimentary Report
According to Gartner, there are several considerations to take into account when implementing a CASB solution. Begin with the intention of contributing to the shift of applications and services to the cloud, while ensuring it is done securely. Avoid being the "no" team; instead, be the "yes we can and here's how" team.
Start by investigating what cloud services are being used to determine which ones must be sanctioned, remediated, controlled, or monitored. Apply controls to “known” cloud services, like Office 365 and Salesforce. When doing so, establish enterprise-wide data security governance policies that prioritize the protection of sensitive data and ensure the appropriate data security controls. Don’t forget about internally developed applications.
Integrate with existing security solution like IDaaS, IAM, web gateway and events going into central log management or SIEM. Lastly, look for CASBs that ease the compliance burden for cloud services.
See Cisco Cloudlock in action from one of our cloud security experts
Your browser version is outdated.
We would recommend you upgrade to a recent version to ensure that you have a good experience on the CloudLock site. Outdated browsers also increase your security risk. So please update your browser and come back later!
Click on the icon below to download the latest version of your browserClose