Cloud Access Security Broker (CASB) is a software service that operates between an organization's on-premises infrastructure and a cloud provider's infrastructure. A CASB acts as a security guard; it allows the organization to increase the reach of their security policies beyond their own infrastructure. According to a report by a leading analyst firm the CASB market will reach $500 million by the end of 2017 from the current $180 million. You can imagine this huge growth! Now, the question arises why there is so much hype for cloud access security broker (CASB)? This is an important point to analyze for understanding CASB and its importance in a better way.
Recent time enterprises have focused on the adoption cloud and SaaS applications. This adoption has created new security and compliance issues. With the advent of Software as a Service (or SaaS) which is a way of delivering applications over the Internet, as a service. There is no need to install and maintain any software. You just access it via Internet as and when needed. This gives you the independence from complex software and hardware management. It also reduces IT support cost by the outsourcing of hardware and software maintenance. SaaS providers charge subscription fee (like monthly fee or an annual fee) unlike license and upfront cost, as in the case of traditional software .Thus, the initial setup cost for SaaS is typically lower in comparison to enterprise software. SaaS is being widely used in many business applications for customer relationship management (CRM), management information systems (MIS), content management (CM), enterprise resource planning (ERP) and computer aided designing (CAD). Many times, SaaS applications are also referred as Web-based software, on-demand software, or hosted software.
No doubt, the paradigm shift to cloud and SaaS is very efficient and cost saving. But how secure is this new shift. It has left a gap in security and compliance that are not met by traditional means. The security gap in the SaaS model should be addressed to ensure that visibility, compliance, threat prevention and data security, which stands at the same level as traditional on-premises enterprise applications. It puts a question-mark on various aspects like visibility of data sharing, suspicious activity, access from undesirable devices, geographical area, and IP addresses?
Once you discover cloud apps and assess the risk, the next move is to take steps to check it. Cloud access security brokers can help you with that! It provides varying degrees of policy enforcement, right from coarse-grained at the application-level to surgical level control at the activity-level. It can mitigate cloud app usage risk. Also, visibility, data security, compliance and threat prevention are the four pillars on which CASB works on.
Cloud access security broker helps to ensure various compliance in the cloud like HIPAA or HITECH (for health-care organizations), PCI compliance (for retail companies) concerned with FFIEC and FINRA (for financial related organization).
Enterprises have to protect their sensitive data for numerous commercial and legal reasons. You need visibility into the aspects like – what applications are running, what data is being stored or shared by them; and also, which employee is using these and from which locations and devices? Due to various commercial and legal reasons, enterprises have to protect their sensitive data. At the same time, enterprises also have to take care of ethical or legal boundaries related to this privacy that can come from monitoring these applications. For example, the same security methods that can provide usage telemetry of SaaS applications can also monitor social media apps like Facebook. All this is possible by the help of CASB. A CASB also helps you discover all cloud apps report, giving idea of your cloud spend. This helps to check redundancies in functionalities and license costs.
It either tokenizes or encrypts (using known good algorithms) sensitive data before sending to the SaaS application as per a configurable policy. By controlling enterprise data on devices or within the applications, it makes sure that only the authorized roles and responsibilities have access to them. It also facilitates data loss prevention and e-discovery, in a similar manner as enterprises perform them today.
A CASB protects from cloud threats including malware and insider threats with cloud malware. Whenever an employee tries to share or upload a malicious file, it can scan and mediate such types of threats in real-time; also, helping to detect and prevent unauthorized user access to cloud apps and data.
CloudCodes(https://www.cloudcodes.com) have been providing the CASB solution to more than 300+ organisation across the world. This includes customer from manufacturing, broking, bank, retail, logistics, health and education domain.