Securing Enterprises With CASB

What Is CASB?

A Cloud Access Security Broker (CASB) is a software tool or service that sits between an organization’s on-premises infrastructure and a cloud provider’s infrastructure. CASBs are available both as on-premises software and as cloud-based software / service.

Why Do We Need CASB?

A CASB is a gatekeeper that helps organizations monitor and safely use cloud services, while ensuring that network traffic complies with that organization’s security policies and regulations.

CASBs typically offer the following :

Data loss prevention (DLP) to ensure that users cannot transmit sensitive information outside of the corporation
Firewalls to identify malware and prevent it from entering the enterprise network
Authentication to check users’ credentials and ensure they only access appropriate company resources
Web application firewalls (WAFs) to thwart malware designed to breach security at the application level, rather than at the network level

How Does A CASB Work?

CASBs work by ensuring that network traffic between on-premises devices and the cloud provider complies with an organization’s security policies.

The value of cloud access security brokers stems from their ability to give insight into cloud application use across cloud platforms and identify unsanctioned use. This is especially important in regulated industries. CASBs use auto discovery to identify cloud applications in use and identify high-risk applications, high-risk users and other key risk factors. Cloud access security brokers may enforce a number of different security access controls, including encryption and device profiling. They may also provide other services such as credential mapping when single sign-on is not available.

Use Cases For CASBs

CASB tools have evolved to include, or work alongside, other IT security services although they are available in offline mode. CASBs are particularly useful in organizations with shadow IT operations or liberal security policies that allow operating units to procure and manage their own cloud resources.

The data CASBs collect can be used for reasons other than security, such as monitoring cloud service usage for budgeting purposes.

Security Policies for Enforcement

Authentication
Single sign on
Authorization
Alerting
Ability to see authorized and unauthorized cloud usage
Credential mapping
Device profiling
Tokenization
Encryption
Logging
Malware detection/prevention

Arun Kumar BT, Senior Director at Nouveau Labs

A Technology & Engineering leader with extensive experience in developing products & systems in Enterprise Wireless (WiFi), IP Networking/Mobility, Routing & Switching domains. Setup exceptional R&D teams for development & support of wired/wireless networking products in Cisco & Aruba/HPE in the past.

About Nouveau Labs:

Nouveau Labs is actively engaged with multi-national companies to develop & support cloud based Zero Trust products. Engineering engagements includes system engineering/evaluation, product development & support services. Nouveau Labs have been building and nurturing engineering teams to build cloud based secure access, multi-factor authentication, platform migration & AI/analytics features.

For further details, do contact us on contact@nouveau-labs.com.

Comments are closed.