Storing apps and services in the cloud is a growing trend for businesses, and keeping that information secure is becoming easier to do with a new service that acts as a gatekeeper, which can extend a company’s security policies outside of their own infrastructure.
The demand for public cloud applications and services is expected to grow 18 percent in 2017, bringing that market to approximately $247 billion, according to Gartner. Cloud Access Security Broker (CASB) solutions are software gatekeeper tools or services that are designed to help organizations reap the productivity benefits of the cloud, while also monitoring and controlling how the services are being used.
Cloud computing consists of basic computing, application development, networking and storage systems running in data centers managed by companies like First National Technology Solutions (FNTS), a leading provider of flexible, customized hosted and remote managed services. Companies of all sizes are utilizing data facilities like ours to save on costs and manpower, instead of creating and investing in their own data centers.
Moving to the cloud has created a host of new security and compliance issues for businesses and organizations, and it has never been more critical for web-based applications, such as Microsoft Office 365, Dropbox and Salesforce, to be protected. With new data residency laws in place, there is a need to maintain data security and compliance when infrastructure shifts to the cloud.
According to Symantec, CASB software and services help IT teams do the following to address security challenges:
-Identify and evaluate all of the cloud apps in use, including third party content.
-Enforce cloud application management policies in existing web proxies or firewalls.
-Enforce policies to govern the handling of sensitive information, including compliance-related content.
-Encrypt sensitive content to enforce privacy and IT security.
-Detect and block unusual account behavior, such as malicious activity or the inappropriate sharing of content.
-Integrate cloud visibility and controls with broader security solutions for data loss prevention, access management and web security.
-Perform a risk analysis which provides analytics on cloud app ratings and usage.
According to Gartner, by 2020, 85 percent of large enterprises will use a CASB solution for their cloud services, which is up from fewer than five percent in 2015. Since more companies are shifting their apps and services to the cloud, strategic thinking about security is key, beyond physical infrastructure. Effective CASB solutions cover a wide range of scenarios from mobile devices and unsanctioned apps to business and personal accounts on sanctioned apps. To address different scenarios, comprehensive CASB solutions leverage the following:
Application Specific Security: The top cloud apps have a well-defined Application Program Interface (API). An API is a set of procedures and tools for building software applications that specify how software components should interact. A CASB can leverage API’s to monitor activity, analyze content, and modify settings within accounts on that cloud app. Most CASB’s offer cloud application-specific security solutions that leverage these API’s.
Inline Security with Gateway: A CASB gateway can analyze cloud activity and enforce policies, such as blocking data exfiltration or protecting information with encryption.
Shadow IT Analysis: Shadow IT refers to third party IT apps and services that don’t have direct oversight from an IT organization. Businesses can easily onboard cloud apps and services directly to increase productivity. CASB can utilize firewalls and other existing security devices that use log data to help analyze Shadow IT.
Symantec currently offers reliable CASB components that are now available to our clients at First National Technology Solutions. We offer CASB protection on any cloud based service or tool. CASB components are usually deployed in the cloud as a cloud service. CASB solutions, which are still evolving, vary from provider to provider, and not all of them are equal. Some startups offer solutions, but sometimes lack advanced threat protection and controls that are needed to mitigate the risks of the shadow cloud. Before selecting a vendor, a company should research several vendors, read reviews and ask for references.