With the need to manage costs and enhance user collaboration capabilities, the appeal of cloud-based Software-as-a-Service (SaaS) is growing. Widely used SaaS applications include Office 365, Dropbox, Google Drive and Salesforce.
Just as IaaS cloud components must be secured, SaaS applications must also be protected using consistent policy enforcement. Uncontrolled SaaS application usage or misconfiguration can open the door to data breaches and spreading of malware.
The need to address the issue around SaaS application security led to the creation of the CASB category. CASB stands for Cloud Access Security Broker, a policy enforcement point that delivers data and threat protection in the cloud, on any device, anywhere.
By “proxying” traffic between cloud applications and end-user devices, CASBs offer granular control over data access and real-time policy enforcement as well as complete visibility over corporate data. They enable organisations to understand usage of sanctioned, tolerated and unsanctioned SaaS applications across both managed and unmanaged devices.
Depending on your organisation’s individual SaaS exposure and resulting security needs, CASBs can provide:
Risk discovery and complete visibility: across all user, folder and file activity, generating detailed analysis that helps you quickly determine if there are any data risk or compliance-related policy violations within your SaaS applications.
Data loss protection and access control: satisfy data risk compliance requirements through granular, context-aware policy control that drives enforcement as well as quarantining users and data when violations occur.
Behaviour monitoring and alerting: easily identify suspicious behavior, such as logins from unexpected regions, unusually large usage activity or multiple failed login attempts, indicative of credential theft.
Advanced threat prevention: identify and block unknown and known malware and data leakage risks.
DLP and access control: view and properly control your differing user level of access within and across cloud applications.
Remediation actions: including quarantine, preview only, redact, DRM, encrypt, track/watermark.
User behaviour analytics: reporting on every user and admin transaction through behaviour tracking and recording including suspicious activity alerting to mitigate external access risk.
Zero-Day Shadow IT Discovery: machine-learning technologies to automatically index and classify all cloud apps, known and unknown.
Agentless Mobile Security: zero-day agentless protection of corporate data on any device without installing agents or MDM profiles. This provides the ability to selectively wipe corporate data on any device, without taking full control of the device itself.
Talk to us today about how to integrate a Cloud Access Security Broker into your existing security platform to ensure your data and applications in the public cloud are secure.