What is it?
CASBs are on-premises or cloud-based security policy enforcement points, placed between cloud service consumers and cloud service providers (CSPs) to combine and interject enterprise security policies as the cloud-based resources are accessed. CASBs consolidate multiple types of security policy enforcement. Example security policies include authentication, single sign-on, authorization, credential mapping, device profiling, encryption, tokenization, logging, alerting, malware detection/prevention, etc.
In what context is it best used?
According to Gartner, CASBs are most effective on SaaS deployments for single and multi-cloud implementations. CASBs are also somewhat effective in mixed deployments.
Benefits and limitations
Good detection. Capable of detecting unsanctioned cloud applications (“shadow IT”) and as well as sensitive data in transit.
Rich data. By its nature of controlling users’ access to cloud SaaS applications, CASBs can produce rich audit logs with events related to the users’ behavior using the applications.
Lack automated action. While CASBs can provide great data and information, they do not have the capacity to take automated action to remediate potential threats. This could be a concern for companies who do not have enough security employees to address the high volume of issues that will need manual intervention.
Struggle to provide consistent information because of incompatible services across CSPs.
Struggle to keep up with the pace of adoption of services across CSPs
CASBs require users to go through a central gateway; therefore, if users access cloud resources outside of this avenue (shadow IT), security teams might be blind to it.
For more information about Cloud Security, call our security consultants at +31 (0) 345 506 105, send an email to firstname.lastname@example.org or fill out our contact form via button below.