Do you have a cloud-based SaaS application? If yes, is that SaaS application core to your business? If so, I have the following questions.
(1) How can you enforce your security policies on your cloud connections? (2) How can you comply with internal and external regulations such as HIPAA, SOX, etc.? (3) How would you trust the security controls the service provider offers? (4) When a user accesses the application in the cloud, how can you get visibility into what they are doing? (5) How can you ensure that proper authentication and authorization are enforced? (6) How can you ensure that encryption is enforced for both data in transit and data at rest?
These are the questions I faced a few years ago. I too agree: why should you give your cloud provider full control of your data? I don’t want any of the providers to have a look at my data. I don’t even want my providers to keep the key to my encrypted data. When we planned to use one of the SaaS applications, the biggest question was how we would enforce our security policies when our users access the application in the cloud. We also had mobile devices (BYOD) in our infrastructure. Our data was critical to our business, and we wanted to ensure that security was proper and matched the controls we have internally, for security as well as regulatory reasons.
Now we have something called Cloud Access Security Brokers (CASBs) that will help us with this. A CASB acts as a middleman between the cloud service consumer and the cloud service provider and interposes security policies when you access cloud-based applications or resources. Security policies can cover authentication, single sign-on, encryption, logging, device profiling, credential mapping (if SSO is not available), alerting, etc. This will protect the organization from internal and external threats and will also help to meet externally legislated and internal compliance requirements.
CASBs ensure that network traffic going from your on-premises devices to the cloud service provider complies with your organization’s security policies. CASBs have an auto-discovery feature that identifies the applications currently in use and also helps to identify high-risk applications, high-risk factors such as key management, high-risk users, etc. This also gives some insight into cloud application use across cloud platforms and helps to identify unsanctioned use. A CASB can be deployed on-premises or in the cloud, and there are hybrid options as well.
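A minimal sketch of the discovery idea described above, added here as an illustration and not taken from any CASB product: it aggregates egress proxy log lines per application and lists the unsanctioned ones by upload volume. The log format, the app catalog, the risk scores and all domain names are constructed assumptions.

```python
from collections import defaultdict

# Hypothetical app catalog: domain suffix -> (app name, sanctioned?, risk 1-5).
CATALOG = {
    "crm.example": ("ExampleCRM", True, 1),
    "filedrop.example": ("FileDrop", False, 4),
    "pastebox.example": ("PasteBox", False, 5),
}

# Constructed egress proxy log lines: timestamp user host bytes_uploaded
SAMPLE_LOG = """\
2016-01-11T09:02:11Z alice app.crm.example 5120
2016-01-11T09:05:40Z bob upload.filedrop.example 73400320
2016-01-11T09:07:02Z alice upload.filedrop.example 1048576
2016-01-11T09:09:15Z carol pastebox.example 20480
2016-01-11T09:11:49Z bob app.crm.example 2048
2016-01-11T09:12:03Z dave sync.unknownapp.example 4096
malformed line
"""

def match_app(host, catalog):
    """Longest-suffix match on label boundaries, so 'evilcrm.example' != 'crm.example'."""
    host = host.lower().rstrip(".")
    hits = [s for s in catalog if host == s or host.endswith("." + s)]
    # Hosts missing from the catalog are reported under their own name as unsanctioned.
    return catalog[max(hits, key=len)] if hits else (host, False, None)

def discover(log_text, catalog=CATALOG):
    """Aggregate users and upload volume per application."""
    apps = defaultdict(lambda: {"users": set(), "bytes": 0, "sanctioned": False, "risk": None})
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or not parts[3].isdigit():
            continue  # skip lines that do not fit the constructed format
        _, user, host, sent = parts
        name, sanctioned, risk = match_app(host, catalog)
        entry = apps[name]
        entry["users"].add(user)
        entry["bytes"] += int(sent)
        entry["sanctioned"], entry["risk"] = sanctioned, risk
    return dict(apps)

def unsanctioned_report(apps):
    """Rows of (app, risk, users, bytes) for unsanctioned apps, largest upload first."""
    rows = [(n, a["risk"], sorted(a["users"]), a["bytes"])
            for n, a in apps.items() if not a["sanctioned"]]
    return sorted(rows, key=lambda r: r[3], reverse=True)

if __name__ == "__main__":
    for name, risk, users, sent in unsanctioned_report(discover(SAMPLE_LOG)):
        print(f"{name}: risk={risk} users={users} uploaded={sent} bytes")
```

Uncatalogued hosts surface with a risk of `None`, which marks them for review rather than treating them as safe.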
The CASB market is wide open now. The trend seen over the last year will continue in 2016 as well. Looking at the last year, we can see huge demand for this technology. A lot of start-up companies quickly entered the market, and we witnessed some good acquisitions as well.
Adallom, Bitglass, Zscaler, Skyhigh Networks, Imperva, CloudLock, CensorNet, FireLayers, Netskope, CipherCloud and Elastica are some of the leading CASBs in the market. Most of the leading product companies have started partnerships with, or acquisitions of, different CASB providers, which is a good indicator of how effective this approach is.
Major acquisitions are: Microsoft – Adallom, Blue Coat Systems – Perspecsys, Palo Alto – CirroSecure, Imperva – Skyfence.
Major partnerships are: Deloitte – Bitglass, Check Point – FireLayers, Centrify – Elastica, etc.
Most enterprises have started to shift most of their business-critical applications to the cloud. Before selecting a CASB provider, there are certain key features we should consider. We should look at audit trail capabilities, identity theft protection, SIEM integration, real-time monitoring and alerting capabilities, DLP capabilities, secure mobility features, etc. Some providers offer only minimal features. Before choosing a provider, it is important to review its features and use cases in detail so that our investment helps us protect our data and sustain our business. I am sure that CASB technology is capable of mitigating many cloud computing security challenges.