Nearly a decade ago most of the general public were left scratching their heads when the idea of the Cloud was introduced. They knew and liked the Internet, but what was this new thing that seemed to be just an online storage service. Adoption was slow, even in the enterprise space, but slowly and surely the needle started to move. Fast forward to today where companies and services like Dropbox have helped bridge the gap between the Cloud and mainstream thinking. With mass adoption comes new challenges and the latest revolved around the growing gap in security.
An answer has developed from within the industry in the form of CASB or Cloud Access Security Brokers. Gartner estimates that only 5% of businesses were using some sort of CASB solution in 2015. They see this figure rising to 85% within the next 4 years! If you don’t think that CASB is important, then not only are you in the minority but you should pay close attention to the following.
Cloud Security Today
“Saas security gap” is the term used to describe the divide between how the Cloud is utilized and how it is secured. The good thing is that companies are actively adopting the use of cloud services and are currently uploading large amounts of data every day. The downside is that security measures have not evolved fast enough to ensure that company data is not left exposed. As employees utilize cloud services, security admins are left playing catch-up and often results in the blocking of a cloud service. In turn, the employee turns to newer unblocked services, whose trustworthiness is not as high as the known services.
By implementing CASB, companies will be able to give their employees a safe and controllable path to the Cloud whilst maintaining the protection of their critical business data.
The Right CASB
Choosing the right CASB can be a bit tricky, there are dozens of solutions currently available. However, Gartner aims to make things a bit easier by presenting four criteria to consider when looking at CASBs.
Visibility – an effective CASB must give the company insight into the data, services and activities occurring within their network.
Compliance – an effective CASB must ensure that all data transferred to the cloud is in line with company policies.
Security – it goes without saying but a CASB must enhance the general security.
Threat Assessment – an effective CASB must be able to judge the threat level of compromised accounts, malicious usages and threat events.
When deployed, CASBs act likely a loyal bloodhound that tracks any hidden cloud services that may be lurking in the background. On top of that it identifies the data being transferred, who is doing the harvesting and the potential impact to the network. By utilizing CASBs, companies are empowered to carefully evaluate the various cloud service offerings, and then make a security-focused decision to determine which is the best for them. Finally, CASBs can be thought of as the ideal cloud guardian with its ability to encrypt and tokenize files, its ability to block access depending on geolocation and stop outbound requests based on data leakage policies.
Gartner has once again stepped in to simplify the matter and has arranged the choice of deployment architecture down to proxies and APIs. Proxy-based deployments are by far the more likely option for businesses, as it will give the company the ability enforce compliance. API-based solutions may be the future but it requires a lot of resources to be implemented in today’s environments, as the overwhelming majority of vendors who offer this solution do not have a robust enough platform to handle it. This puts all the pressure on the company to purchase resources to upgrade their systems to provide suitable architecture for CASB to sit on.
CASB In the Near Future
If Gartner is to be believed, the CASB segment of the market is about to experience a massive boom in adoption and growth. Unsurprisingly, the IT security market is already positioning itself accordingly due to the presence of dozens of companies already marketing their solutions. So which one should you go with? How can you identify the correct solution in which you will trust your company’s data with? Once again, try to simplify matters to avoid being overwhelmed with all the choices. Determine which solutions track the most attributes. Data points, or attributes, are the bread and butter of CASBs. The more, the better. Then you’ll have to do a bit more homework on the actual company. Try to find out what cloud services they currently support and what their development pipeline looks like. The bottom line is that you are trying to make sure that the company is progressive, forward thinking and are constantly working towards a better solution.
CloudLock is an excellent example of such a company. Not only does it have rich, easy-to-use features that puts it in the world-class and highly convenient CASB category, but it’s also entirely cloud based. It also enables non-compliant cloud data storage platforms to be compliant once internal policies are configured. That is a big win for companies who want to utilize a particular cloud solution but are unable to due to security constraints. CloudLock can also hook into cloud data storage malware protection products such as CheckPoint’s SandBlast enabling the monitoring of cryptolocker and other ransomware risk and prevention alerts, all in one single pain of glass. Such unique traction ensures that it is not only generating revenue to evolve its services but it has a good shot at surviving the coming turmoil within the CASB segment.
David Share, Director at Amazing Support
David has held positions as Operations Director and Head of IT in legal and professional firms for more than 10 years. He is a Director and co-owner of Amazing Support, a Microsoft Silver accredited and specialist Managed IT Support and IT Services company. David actively helps SME businesses receive better Managed IT Support and IT Services in the London and Hertfordshire areas. He also assists overseas companies who are looking to expand their business operations into the UK and helps with their inward investment IT process. A professional member of The Chartered Institute for IT (BCS) and an event speaker promoting business start-ups and technology awareness. Married with a son, you will often see him riding his bicycle around the Hertfordshire towns! David regularly participates in charity bike rides for the British Heart Foundation.