Gartner Magic Quadrant
Any cloud security strategy implements Cloud Access Security Brokers, which has become the essential element to govern the use of cloud and protect sensitive and confidential data in the cloud for businesses across the globe. It has become imperative that the security and risk management leaders align with the CASB vendors to chart out the course of cloud data security and hence address specific use-case requirements. Gartner Magic Quadrant is a series published by the IT consulting firm.
Assumptions for Strategic Planning
Though the cloud security protocols and its implementations are new to the cloud services, all the organizations need to adopt CASB services to have compliance with the security standards and to make their businesses recognized and approachable for clients, particularly the government ones. Even though only 10% of the organizations use CASB, it will eventually rise by 2020. 60% of big enterprises will use CASB solutions to govern their cloud services, and at least 99% of cloud security failures will occur due to the customer’s fault.
Pillars Of CASB
- Visibility: CASB a boon for both Shadow IT and sanctioned IT discovery, thus provide a consolidated view of the firm’s cloud service usage, including the users, the device, and the location from where data is accessed. It is enhanced by CASB services that provide a cloud security assessment database to offer a visible view of the security capabilities and operations of the cloud service provider.
- Data Security: CASB makes use of data classification, data discovery, user activity monitoring of access to confidential data, or privilege escalation to prevent unauthorized access and unwanted activities, thus able to enforce data-centric security policies. The CASB security protocols can be disguised in various forms like alerts, blocks, quarantine, delete, and tokenization and view-only. CASBs perform the Data loss Prevention (DLP) on text-based content in structured data and files by importing policies from on-premise or cloud-based DLP tools. CASBs also offer data-centric audit and protection (DCAP) features that integrate with enterprise digital rights management (EDRM).
- Threat Protection: CASBs provide adaptive access controls to prevent unwanted devices and users, including a version of applications from unauthorized access to cloud services. The user and entity behavior analytics (UEBA) for knowing the anomaly in behavior, use of threat intelligence, malware identification, and solution and file sandboxing are some of the excellent examples of CASB solution in the threat protection category. Also, in some cases, the CASB vendors put in their efforts by having their analyst teams research on cloud-native attacks, thus increasing the security for threats.
- Compliance: Compliance is a must, and there is no escaping from it. Compliance mandates can be from government legislation, external agency, or the internal requirements, but they do not disappear if you move your businesses to the cloud. CASBs are the right solutions here that help the organizations to achieve compliance with regulations and standards by identifying the cloud usage risks and thwarting any such attempts.
Taking advantage of the rapid adoption of the cloud security services by businesses, CASB providers are aggressively competing with each other by making acquisitions or adding some new unique aspects of CASB functionality into the existing products.
Gartner Magic Quadrant – IT Trends And CASB Market
Gartner Magic Quadrant is a series published by the Gartner, which uses proprietary qualitative data analysis methods to demonstrate market trends, and the resultant scores lead to a vendor position in one of the four quadrants that are leaders, challengers, visionaries and niche players.
According to Gartner magic quadrant, the CASB trends depend on these three following factors:
- With enterprises moving to BYOD (Bring-Your-Own-Device), the usage from unmanaged devices has increased. While the employee BYOD may be waning, business partner access to cloud services through BYOD is rising, and it is here that CASB will play a prominent role.
- With compliance and regulations becoming mandatory, the expenditure around the cloud service providers will increase, thus affecting the on-premise technology, including the security software and the appliance markets.
- The large enterprise software providers are now heavily invested in the cloud because they need CASB solutions to deal with security implications.
Introduction of CASB has fundamentally changed the way data moves between the users and applications, and the cloud-using businesses will need to adjust priorities of investment in security controls.