There are a lot of talks these days about CASBs (cloud access security brokers), but what are they exactly? And more importantly, What are the 4 Pillars of CASB?
In this post, we’ll break down the four pillars of CASB and explain how each one can benefit your organization. Stay tuned!
What are the 4 Pillars of CASB?
The Cloud Access Security Broker (CASB) functions similarly to a firewall, allowing organizations to extend their security management beyond their network bounds. Gartner, a major research organization, has classified diverse CASB features into four pillars: visibility, compliance, data security, and threat protection.
Visibility
One of the essential aspects of cloud service utilization from an IT standpoint is who is utilizing the cloud service and how it is being utilized. The majority of cloud service providers lack auditing and logging features. They offer virtually little assistance. CASBs circumvent these constraints by delivering data points concerning Shadow IT.
It can detect abnormal access to un-sanctioned applications within an organization and generate an appropriate alert. It is also feasible to detect unusual behavior while accessing sanctioned apps.
For example, suppose a user logs in to the sanctioned program Office 365 at 1:00 PM from Boston and logs in again at 2:00 PM from San Francisco. The CASB will not only issue an alert but will also block access from San Francisco.
Another example would be a person attempting to upload documents to an unapproved program such as Dropbox. Because the organization has OneDrive as a sanctioned storage app, access to other cloud service providers such as OneDrive/Box/AWS will be viewed as unusual behavior. An appropriate warning will be triggered.
Compliance
By encrypting data at rest, CASB addresses the issue of data residency. This protects data stored in the cloud against data breaches. It also guarantees that data maintained outside the organization complies with all regulatory obligations. CASBs give out-of-the-box visibility for numerous compliance standards such as PHI, PCI, PII, HIPAA, etc. It also ensures that the organization’s Data Leakage Protection (DLP) on shared data items is monitored.
One example is allowing users to use company Dropbox from the office, but not personal Dropbox accounts.
Data Security
Data Security CASB provides out-of-the-box features for monitoring access to cloud-stored data. It may grant access control over various characteristics, including location, IP address, browser, operating system, and device.
For example, it may restrict access to cloud services such as G Suite outside of the office or offer granular control by restricting access to cloud services to a certain device such as a laptop/desktop/mobile. Allowing the user to use G Suite and Salesforce from the workplace but just G Suite from home is another example.
Threat Protection
Threat Protection CASB delivers a variety of notifications to advise IT of dangers found inside the organization’s users based on user behavior.
A sales professional, for example, tries to retrieve client data from Salesforce. In this case, CASB will issue a notice and block the user from downloading the data.