With the cloud becoming a prevalent force in many enterprise companies, Cloud Access Security Brokers are becoming a big deal. Here's how to find out if you need one.
You’ve likely encountered Cloud Access Security Brokers before since they interface with many Software-as-a-Service applications and cloud storage services. They can sit on-premises or in the cloud, but they always reside between users and the cloud to prevent accidental data transfer, infection, or theft.
According to Gartner, Cloud Access Security Brokers provide a secure gateway for data to travel back and forth through the cloud, as well as a host of essential benefits such as access control, anti-malware, data loss prevention, firewall, identity management, and encryption.
In other words, Cloud Access Security Brokers (or CASBs) are intelligent electronic guards that protect you and the data you store and transfer on the cloud. According to the same report, by 2020 85 percent of enterprise companies will have added a CASB to their defenses—here’s how to determine if you need one too.
Do you have a significant cloud presence? Do you use Box, Office 365, Salesforce, social media, or other popular cloud-based apps and services? Then consider a CASB. Many of these apps already include anti-malware or data loss prevention, so you’ll want to make sure your CASB of choice interacts well with third-party services, but the extra layer of protection can only help. There’s added convenience, too, since CASBs offer a central control hub for multiple cloud services for any user on any device. Away from the office? No big deal, just let the CASB authorize users or block them if they’re suspicious.
Do you store vital private data? Are you in the healthcare of financial industries? Do you store personally identifiable information of customers and employees? Then you’re in charge of valuable private data that must be protected. CASBs can identify and classify a company’s sensitive files across devices and cloud providers to prevent the loss of subject data such as credit card numbers, social security numbers, or other types of confidential information.
Do you want to detect and prevent malware? Of course you do. CASBs are adept at detecting, blocking, and preventing the proliferation of harmful data by paying close attention to irregularities like excessive downloading, uploading, or the unauthorized sharing of files on unofficial devices or services, so you’ll likely want to consider investing in one.
Do you want to identify shadow IT? If you want to do a deep dive and find out how users are interacting with your organization’s cloud applications, then you’ll want to think about a CASB. It will help you weed out shadow IT—the unauthorized use of company assets with sanctioned IT—so you can then take measures to govern any unusual activity and set more secure controls and policies such as encryption and tokenization on file-level or data-level. See eperi Cloud Data Protection for more.
Do you want to encrypt important private information? Or rather, do you intend to implement industry best practices to meet compliance? Because you will need to. With the European Union’s General Data Protection Regulation (GDPR) rapidly approaching its full effect date, deciding whether a CASB is right for your organization is crucial.