By Pete Schmitt, Chief Technology Officer
As the adoption of cloud-based applications continues to surge, organizations are immersed in an ever-expanding landscape of cloud services and data, making the need for a security and policy intermediary more pressing than ever.
“Office applications accounted for more than 70 percent of exploited applications worldwide.”
Enter the Cloud Access Security Brokers (CASB), which serves as a pivotal security enforcement point between cloud service consumers and providers on-premise or in the cloud. CASBs assume the role of integrating and enforcing enterprise security policies as users access cloud-based resources.
Diverse Security Enforcement Across Various Applications, Including the Microsoft Suite of Products
According to Gartner, CASBs consolidate multiple types of security enforcement, including policies such as authentication, single sign-on, authorization, credential mapping, device profiling, encryption, tokenization, logging, alerting, malware detection/prevention, and more. In a nutshell, CASBs are critical to controlling how SaaS apps are used and how information is shared through those apps within your organization.
Microsoft has fully embraced digital transformation and now has more than 90 percent of its IT infrastructure in the cloud. What’s more, over one-third of organizations worldwide use Microsoft Azure for their cloud services. Given the prevalence of cloud-based Microsoft products in businesses, it’s understandable that the volume of apps migrating to the cloud will only continue to climb. Given this, Microsoft has even developed its own CASB service to identify and combat cyber threats across multiple clouds, Microsoft Defender for Cloud Apps.
Closing Security Gaps While Paving the Way for Further Improvement
Though the security landscape has seen advancements, a considerable gap remains, exposing organizations to the risk of data breaches. In 2020 alone, Office applications accounted for more than 70 percent of exploited applications worldwide.
So, is the cloud secure? The truth is, that’s a loaded question. One way that a CASB helps to secure cloud-based applications and data is through encryption.
A cloud access security broker sits between the user and the cloud service provider and screens usage, secures data, and guards against threats. By applying strong encryption in context, they are able to discern contextual info about the transaction.
For instance, the CASB should know who is transacting, what group they are in, the physical location, what action they are performing in what service and to what data, and if that data is sensitive.
How might that look in the real world? Take, for example, an HR user uploading a kitten video. Clearly, that doesn’t rank the same as an employee uploading a Word document entitled “Personal Health Info,” which triggers a confidential data DLP (data loss prevention) violation.
This kind of contextual security intelligence is achieved by deploying a CASB in various roles: forward proxy, reverse proxy, and, to a limited extent, using the cloud service’s API. A forward proxy deployment ensures comprehensive coverage by applying policies to all traffic flows, including sync clients, native apps, mobile apps, and even unofficial cloud services. For browser traffic to authorized services and contained mobile traffic (e.g., Salesforce), a reverse proxy is employed. In cases where the encryption is not happening inline, but after the upload, an API deployment is used.
Critical Requirements for a Viable CASB Use Case
Beyond deployment choices, here are five critical requirements that are needed to achieve a cloud security use case:
- Be aware of context, like activities such as “upload”
- In both sanctioned and unsanctioned services, see and control usage
- Use key management to apply strong encryption to sensitive content
- Integrate with KMIP-compliant, on-premises key manager
- Encode the unpublished API and decrypt SSL to comprehend the transaction, used for a forward proxy
So, how are you applying strong encryption based on conditional factors in cloud services? And what else can a cloud broker do for an organization? Here are just a few ways CASBs can add immediate value to your security initiatives:
- Advanced enterprise DLP
- Granular policies for all apps
- Architecture for any use case
- Access and privilege control
- Active threat protection
- Provide visibility and control over cloud spend
- Ensure compliance in the cloud
- Mitigate cloud app usage risk
- And more…
Most organizations simply don’t know what they don’t know, and those unknowns are almost always what keeps security professionals up at night.
How to Get Your CASB Right the First Time
In conclusion, while the security journey in the cloud continues to evolve, embracing CASBs as security intermediaries can provide organizations with a robust shield against threats, facilitate compliance, and empower them to wield the full potential of cloud-based services.
To ensure a successful CASB deployment, it’s essential to collaborate with impartial partners who offer agnostic insights and who can conduct comprehensive assessments.
Looking to strengthen your security vulnerabilities?
Let’s talk
Contact us at (800) 544-8877 to find out how we can help you uncover your true cloud usage and identify where you may have gaps in your security policies and procedures.
“As the lead for MicroAge technology and engineering, Pete researches new and emerging technology to ensure that his team is at the forefront of technology trends and best practices so that they can deliver the best possible technological solutions for clients. He brings an extensive background in information technology, customer service, and professional services and is known for delivering second-to-none client experiences—a philosophy that is directly attributable to our long-standing success and reputation.”
Pete SchmittChief Technology Officer
Join the discussion One Comment