What Executives Should Know About CASB
What Does CASB (Really) Mean?
From the Wikipedia article for CASB: “First defined in 2012 by Gartner, a cloud access security broker (CASB) is defined as: ‘An on-premises, or cloud-based security policy enforcement point/s, placed between cloud service consumers and cloud service providers to combine and interject enterprise security policies as the cloud-based resources are accessed. CASBs consolidate multiple types of security policy enforcement.’”
How Did It Originate?
The concept of CASBs emerged as businesses started shifting both internal and external workstreams to cloud services. While this shift vastly improved operational overhead, collaboration, and availability, it created a host of new issues concerning ensuring security without impeding access or functionality. Key areas of concern included visibility and control over data and users no matter what type of cloud offering (SaaS, PaaS, and IaaS) was utilized.
Why Is It Important in Cybersecurity?
CASBs are made to provide a consolidated point of visibility and control over multiple cloud services. To accomplish this consolidation, CASBs have needed to cover data protection, authentication, single sign-on, authorization, credential mapping, device profiling, encryption, tokenization, logging, alerting, malware detection/prevention, and so on. Without a CASB, security teams have to manually manage the security of data and user access spread across various cloud services with disparate security models. CASBs also help in areas like risk assessment, detecting compromised accounts, and ensuring that sensitive data is protected in compliance with regulations such as GDPR, HIPAA, and more.
What Is the Spin Around This CASB Buzzword?
As with any cybersecurity buzzword, there is a tendency for vendors to overstate the capabilities of their CASB solutions. Some may claim that their CASB can handle all cloud security needs, when in fact it may only provide a subset of necessary protections. Another alarming trend is for vendors attempting to position CASB as the only protection needed for securing users accessing and data flowing through cloud services. These are problematic when an organization takes them at face value, believing they have mitigated their risks with cloud services when there are many other threats that do not get addressed, such as users accessing cloud resources without flowing through the CASB, insider threats, using cloud services that do not integrate with the CASB, and many more.
Our Advice: What Executives Should Consider When Adopting CASBs
When considering the implementation of a CASB, it’s essential to evaluate the specific needs of your organization. Here are some questions to guide your team:
- Which cloud applications are currently in use, how secure are they now, and what is the company’s plan for securing future cloud adoption and workflows?
- How can we ensure that our security policies are consistently applied across all cloud services? Is there a method for assessing our cloud services’ security postures?
- What compliance requirements do we need to fulfill, and how can a CASB help in achieving them?
- How will CASB integrate with our existing security tools and workflows, or better yet can we consolidate CASB and other security tools together?
- Can the CASB provide proper visibility and control over user activities and sensitive data across the cloud services? How will it stop threats?
In conclusion, CASBs are a strategic component in the security architecture of any cloud-reliant organization. They provide comprehensive visibility, control, and compliance assistance that can be a crucial piece in the overarching strategy for securing cloud environments.