CLOUD ACCESS SECURITY BROKER (CASB)
Organizations are adopting a series of both managed and unmanaged cloud-based applications. At the same time, we have users’ devices moving outside of corporate control. The result is a big security and compliance concern that traditional on-prem security controls cannot solve. As a result, most organizations have a requirement for a Cloud Access Security Broker (CASB) solution. The objective of CASB is to enable the on-going adoption, use and delivery of SaaS cloud services by the GC departments. CASB will enable this by:
- Enhancing the security posture of client services, applications, and data as they are transposed into public cloud environments
- Enabling full visibility and monitoring of cloud environments to prevent, detect, and rapidly respond to cyber threats
- Ensuring confidentiality, privacy, and safeguard data according to local policies and regulations.
- The core pillars of CASB capabilities include, and are not limited to:
- Visibility: A Consolidated view of cloud services landscape; users, sanctioned applications, unsanctioned applications and cloud application risk registry
- Data Security: Prevent unwanted activity based on policy, data classification, user activity monitoring and enforcement
- Threat Protection: User and Entity Behaviour Analytics (UEBA); anti-virus protection, malware identification and remediation; threat feed intelligence and collaboration
- Compliance: Enforcement of cloud compliance standards (PIPEDA, PIC-DSS, etc.); Zero Trust access, Adaptive Access Control (AAC) and custom DLP policies pertaining to data protection.
Multi-mode Next-Gen CASB deliver management, security and Zero-Day protection. CASBs dynamically adapt to deliver protection for known and unknown data leakage risks and malware threats, on any app. Multi-mode CASBs have dual architectures and can operate in agent-based or agentless mode. Agentless mode enables rapid deployment, and is fully interoperable with existing infrastructure such as Secure Web Gateways.
