How Important Is It to Select the Right CASB Vendors?

Debasish Pramanik Cloud Security Expert - CloudCodes Software
  • November 20th, 2017

On corporate networks, IT staff probably does not really know about which cloud apps are being used there, and by which user, and how these apps are being used. Organizations can track the use of such unknown applications with the help of Shadow IT. Despite the fact that the use of unsanctioned app is spread throughout, still many enterprises have not really started tackling this issue. This happens because of the complexity of current work scenarios when cloud-based apps are readily available and they offer greater work flexibility and user mobility. Cloud Access Security Brokers certainly help in this regard, but different CASB vendors help in different manners. Different CASB vendor have different approaches for Shadow IT and other security solutions, which make it difficult for enterprise owners to compare CASB vendors.

How Can One Decide on the Right CASB Vendor?

Cloud monitoring can really provide you with the necessary information for figuring out the best ways for tackling Shadow IT problems. Discovery would be the very first step in this regard.

Pertinent Questions

The following questions will help you understand how to start with this discovery:

  • Are you aware of all cloud apps, sanctioned or unsanctioned, which are being used in your enterprise?
  • Are you aware which employees/systems are using these sanctioned or unsanctioned apps?
  • Are you aware of the behavior patterns of the usage of such apps? (their volume, access frequency, access time, access location, etc)
  • Are you aware of which data is exchanged within these cloud apps?
  • Are you aware of your company is at risk by the use of such apps?
  • Do you know which application(s) your company is going to approve or sanction?
  • What are the risks associated with the use of such apps?
  • Are you having a proper data security infrastructure well in place in your enterprise, which can adequately secure the usage of such apps?
  • If your organization is devoid of any proper cloud security infrastructure in place, then what particular level of security is required?

Getting the Answers and Making the Right Decision

After having the answers to the above questions, one can get a proper direction about which place to go. With a clear visibility about which data is at stake of being leaked, it can then be decided if you need an API-Native approach or you need a proxy gateway. For example, if a firm is using only DropBox and Salesforce, they can easily block everything else and select some vendor for deploying a SaaS or Cloud Native API approach. However, at times, you might need more after gaining visibility and determining the potential risks.

The Right Way to Compare CASB Vendors for Making the Right Choice

CASB Vendors are rapidly increasing with the growing demands for CASB solutions for cloud security as almost all enterprises are choosing to work with cloud-based systems and thus the need is escalating. Online market is burgeoning with numerous CASB vendors, who provide different types of solutions addressing the specific data security needs. Features of these CASB solutions differ from one particular vendor to another, so one has to look meticulously enough to fetch the best-suited one as per their business and work requirements. Getting a CASB vendor involves checking their features useful for your enterprise. It is not a wrong approach to compare CASB vendors as per their offered set of features. Some highly very useful CASB solutions’ features include Access Control, Single Sign On, Shadow IT, Identity Management, DLP, etc., which you can check while you evaluate CASB vendors. CloudCodes CASB solutions provide almost all such features. You can start your CASB vendor comparison here to get a useful information of some of the most popular CASB vendors and the cloud security solutions they offer.