We introduce another acronym yesterday, CASB (Cloud Access Security Broker) and we now expand on the features and benefits of deploying a CASB solution as we continue in our approach to cloud security. We noted in our previous blog that cloud security was a shared responsibility between service user and service provider. Gartner analysis indicates that by 2021, 27% of corporate data will bypass perimeter security. In addition by 2020, 95% of cloud security failures will be the customer’s fault.
Securing the cloud will need a robust security approach which includes features such as the ones outlined below;
Attackers are defeating today’s security controls that rely on the network perimeter, firewalls, or a specific platform. Activities across platforms are not correlated, making it difficult to identify suspicious behavioural patterns. At the same time, security teams are inundated with alerts that lack priority, useful information, or context. Faced with a flood of unhelpful notifications, the legitimate security breaches get overlooked. This problem is magnified with the use of cloud applications and platforms, as organisations often have little visibility into the activities of their users in their cloud environments.
A CASB can analyse user and entity behaviour, using the analytics to profile behaviour and detect and respond to anomalies in real time, while alerting security teams.
The number one cloud security concern for organisations is storing sensitive data in the cloud. 53% of organisations rated this top of their list. A CASB is an effective solution to address this by enabling tuneable policies to be deployed to monitor and provide data loss prevention. In the event of a policy violation, a CASB can initiate an automated response mechanism that can notify users, encrypt connections and quarantine data as necessary.
Unauthorised cloud applications is now a major security hole being exploited by cyber attacks. Discovery and security rating of cloud applications are therefore another essential feature that is needed to determine compliance with the organisations security policy. The ability to also block or whitelist applications may also be a necessary measure for compliance.
Correctly configured the CASB solution should provide the following benefits;