Cloud Access Security Broker (CASB)

A CASB is a visibility and control point that secures cloud applications, delivering data protection and threat protection services to prevent leakage of sensitive data, stop malware, and other threats, discover and control shadow IT, and ensure regulatory compliance.

CASBs are the cloud-hosted or on-premises applications, which sit in between cloud application users and the cloud services. CASBs can monitor traffic and user activity, automatically block threats and risky sharing, and enforce security policies such as authentication and alerting.

CASBs can apply policy to provide shadow IT control, cloud data loss prevention (DLP), SaaS security posture management (SSPM), and advanced threat protection.

Four Pillars of CASB

An effective CASB solution is constructed with four core features:

1. Visibility

Detects all the cloud services of shadow IT and tracks the live status of user activity with the sanctioned cloud programs.

2. Compliance

Capability of determining confidential items stored in cloud and enforces data loss prevention policies for meeting the requirements of data residency and compliance.

3. Data Security

Security practices like tokenization, encryption, access control, and information rights management are enforced for being safe and secure on the cloud.

4. Threat Protection

Instantly determines and responds to the negligent or harmful insider threats, compromised accounts, and privileged user threats.

CASB Deployment Models

CASB is easy to deploy, although deployment can be automated and many CASB policies are generated from risk assessments, administrators still need to build a model with the right deployment strategy to maintain efficiency.

Administrators can choose from three different CASB deployment models:

1. API control: Use an API to make calls to CASB procedures, which reduces the overhead for deployment.
2. Reverse proxy: Best for organizations with remote users and must make data available to only authorized users connected to the cloud.
3. Forward proxy: For organizations that need endpoint protection, a forward proxy will obfuscate user device information and protect it from attackers. It also works well with VPN connections.

CASB Use Cases

• Applications running on personal devices.
• Data loss prevention.
• Block malware and ransomware.
• Monitor and handle suspicious user behaviors.
• Encryption.
• Validate authenticated users.
• Identify misconfiguration.
• Stop shadow IT and unauthorized applications.

Top 10 CASB Solutions

1. Palo Alto Networks Aperture
2. Fortinet FortiCASB
3. Cisco Cloudlock
4. Proofpoint CASB
5. Forcepoint CASB
6. Censornet CASB
7. Microsoft Cloud App Security (MCAS)
8. CloudSOC CASB
9. Netskope Security Cloud
10. Symantec Cloud Data Protection