What is a CASB?

May 4, 2016 By Anthony Scotney

A CASB (Cloud Access Security Broker) is a gateway that sits between users and an end cloud application such as Salesforce, Office365 or any other cloud-deployed application. The purpose of a CASB is to control the security of both users and data stored in the cloud. This is achieved by encrypting content before it reaches the cloud, monitoring user access and, in some instances, applying automated firewall-like rules to thwart attacks.

Every organization is moving to the cloud in one way or another. Many organizations are simply not aware that the services they utilize on a daily basis are backed by the cloud, be it through products like Microsoft's Office365 suite, those great mobile apps, the federated identity of Active Directory, or the convenience of hosted Exchange. These are the typical factors that mean organizations can no longer simply ignore the cloud. Whether we like it or not, the cloud is fast becoming integrated into our organizations.

With this mandatory migration to the cloud, industries with specific compliance requirements such as HIPAA, GLBA (Gramm-Leach-Bliley Act), the EU Data Protection Directive, etc., are forced to act to secure their confidential data. Some compliance requirements are specific about encryption and key management. Some of these requirements cannot be met by using off-the-shelf products. This is where a CASB becomes a mandatory requirement and why Gartner predicts 85% of large enterprises will have one in place by 2020.

With the cloud integrated into most enterprise software, organizations have started focusing on how best to control their sensitive data in the cloud. The top 3 issues with data in the cloud are:

Visibility: Who are your users? What are they accessing? Have their accounts been compromised? Are they accessing from insecure devices or systems? Are your users in unexpected geographies?
Security of data: Who can read your data? Is your data encrypted before it leaves your control? What if a cloud service is breached? Can unauthorized users access your cloud data?
Access Controls: Can you immediately identify and mitigate account compromises? Do you have automated capabilities to detect account abuse? How do you suspend compromised access while you sleep?

With the push to the cloud, many security teams find it difficult to control access and security of confidential data. Immediate benefits of using a CASB:

Data privacy: Data is encrypted before it leaves an organization's control, providing complete control over data privacy and separation of encryption from data hosting
Granular user visibility: Some CASB products offer comprehensive real-time monitoring and analysis capabilities to remove the cloud blind spot
Access controls: Firewall-like controls for locking users to devices, geolocation and preventing unauthorized leaking of confidential information
User Behavior Analysis (UBA or SUBA): Automated analysis of user behavior providing account hijack and insider abuse detection capabilities
Threat mitigation: Threat detection with immediate response capability

Cloud Access Security Brokers are fast becoming an essential piece of security infrastructure for organizations. With an appropriate CASB in place, organizations can mitigate the two most common security weaknesses that lead to data breaches: user credential theft and vulnerabilities in the application/system. Not all CASBs are created equal, and the feature set and functionality of StratoKey set it apart from the rest.
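
The device and geolocation locking listed among the benefits above, combined with automatic suspension of an account that keeps violating policy, can be sketched as a default-deny check at the gateway. This is an added example, not StratoKey's or any other CASB product's code; the policy structure, user names, device IDs, country codes and the two-violation threshold are assumptions made for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Policy:
    devices: set      # device IDs the user is locked to
    countries: set    # countries the user is expected to connect from

@dataclass
class Gateway:
    policies: dict                      # user -> Policy
    max_violations: int = 2             # assumed threshold before suspension
    suspended: set = field(default_factory=set)
    strikes: dict = field(default_factory=dict)

    def evaluate(self, user, device, country):
        """Return (decision, reasons) for one access attempt."""
        if user in self.suspended:
            return "deny", ["account suspended"]
        policy = self.policies.get(user)
        if policy is None:              # default deny: unknown users never pass
            return "deny", ["no policy for user"]
        reasons = []
        if device not in policy.devices:
            reasons.append("unregistered device")
        if country not in policy.countries:
            reasons.append("unexpected geography")
        if not reasons:
            return "allow", []
        # Count the violation and suspend automatically at the threshold,
        # so access is cut off without waiting for an analyst.
        self.strikes[user] = self.strikes.get(user, 0) + 1
        if self.strikes[user] >= self.max_violations:
            self.suspended.add(user)
            reasons.append("account suspended")
        return "deny", reasons

# Constructed sample policies and access attempts (not real data).
POLICIES = {"alice": Policy({"laptop-01"}, {"GB"}),
            "bob": Policy({"phone-02"}, {"US"})}
EVENTS = [("alice", "laptop-01", "GB"), ("alice", "unknown-77", "GB"),
          ("alice", "unknown-77", "BR"), ("alice", "laptop-01", "GB"),
          ("bob", "phone-02", "US")]

def run_sample():
    gw = Gateway(POLICIES)
    return [gw.evaluate(*event) for event in EVENTS]

if __name__ == "__main__":
    for event, (decision, reasons) in zip(EVENTS, run_sample()):
        print(*event, decision, reasons)
```

Once the second violation suspends the account, even the registered device in the expected country is refused until the suspension is lifted.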