Last week I wrote about the common security challenges that CISOs are confronted with. The decentralization of IT and increased cloud adoption, raises questions about security on a cloud service provider’s infrastructure. Who (or what technology) can ensure enterprise-grade security policies that we had on-premise for years? That’s where CASB or Cloud Access Security Broker comes in. It addresses many of the security challenges that I wrote about in last week’s post.
– Brian Pereira, Digital Creed
Designed by macrovector / Freepik
What is CASB?
CASB is a term coined by Gartner in 2012. The Gartner definition says CASBs are on-premises, or cloud-based security policy enforcement points, placed between cloud service consumers and cloud service providers to combine and interject enterprise security policies as the cloud-based resources are accessed. CASBs consolidate multiple types of security policy enforcement.
According to Tech Target, CASB is a software tool or service that sits between an organization’s on-premises infrastructure and a cloud provider’s infrastructure. CASBs are available as both an on-premises or cloud-based software as well as a service.
CASB acts as a gatekeeper, allowing organizations to extend the reach of their security policies beyond their own infrastructure.
In my last post I wrote about users increasingly accessing enterprise SaaS based applications directly from the cloud. And the need to bypass the need for the user to go to the data center first at the HQ (backhauling) and then re-route the access request to the cloud.
Well, with CASB, the security policy concerns are now addressed. The security policies include authentication, single sign-on, authorization, credential mapping, device profiling, encryption, tokenization, logging, alerting, malware detection/prevention and so on.
CASBs ensure that network traffic between on-premises devices and the cloud provider complies with an organization’s security policies.
According to Tech Target, CASBs use autodiscovery to identify cloud applications in use and identify high-risk applications, high-risk users and other key risk factors. Cloud access security brokers may enforce a number of different security access controls, including encryption and device profiling. They may also provide other services such as credential mapping when single sign-on is not available.
Identity and access management has become so important these days, because users, devices, applications and workloads are everywhere. A CISO needs visibility into all this and CASB can offer this visibility.
CASBs include firewalls (network level) and Web Application Firewalls (application level) that inspect packets and look for/ block malware.
Additionally, CASBs also address data loss prevention or DLP to ensure that users do not transfer data outside their organization (data leakage).
Organizations are increasingly adopting CASB to address cloud service risks, enforce security policies, and comply with regulations, even when cloud services are beyond their perimeter and out of their direct control.
Come back next week for more alphabet soup!