In a bygone era, every company’s digital work took place on in-house servers. And when everything lives on the same servers, securing that work is relatively easy. Full control of your servers meant (mostly) full control over the digital information traffic in and out of an organization.
Today, the equation has changed. Most companies are moving their work to the cloud, or trying to figure out how to migrate if they haven’t already started. The reasons to make the transition to cloud are numerous; efficiency, ease of collaboration, scalability, and more await.
This presents a challenge for IT professionals. Securing their company’s work is significantly more complex when that work moves to the cloud. The power to track every event in which information enters or exits an organization, once the norm, feels like a far-off memory. But an emerging product category holds promise to make that memory a reality once again: the Cloud Access Security Broker (CASB).
Tracking information traffic with a CASB
A CASB is a third-party software integration that works across all the major software products used in an organization. The CASB software tracks and analyzes all information sent and received by each tool. This enables a granularity of insight akin to that which was possible when all information sent and received by a company could be tracked on its own servers.
Today, CASBs are used by IT teams to achieve greater visibility, compliance, threat protection, and data security.
CASBs illuminate which shadow IT cloud services are being used in an organization and enable visibility into user activity of sanctioned cloud applications. CASBs give companies a 360-degree view of all the cloud services they use – and let them tailor secure access to each. This comprehensive view also allows an organization to see whether and where their various services overlap in functionality, creating an opportunity to reduce costs.
CASBs help identify sensitive data in the cloud and enforce DLP policies to meet data residency and compliance requirements. By providing information on the risks of various cloud services, they help companies make better-informed decisions and ensure compliance with standards like FINRA, PCI, and HIPAA.
CASBs can be configured to block specified services, devices, or users – and even post-login behaviors and signals – through adaptive access controls. For example, an employee who either wittingly or unwittingly attempts to upload an infected file can be prevented from doing so, in real time. This allows organizations to detect and respond to negligent or malicious insider threats, privileged user threats, and compromised accounts.
CASBs also allow IT teams to enforce data-centric security practices such as secure collaboration in cloud services, access control, and information rights management. Controls may be customized based on a variety of factors, such as data classification or user activity. Utilizing advanced data loss prevention (DLP) methods (like document fingerprinting, among others), CASBs can notify IT when sensitive data is being transmitted, allowing them to take further actions as necessary.
How CASBs fit into today’s IT and threat landscape
Today’s information security threats have evolved to include blended threats using multiple exploits and obfuscation technologies. The increasing subtlety of these attacks makes them ever more difficult to detect, even by experienced IT professionals. With the visibility provided by a CASB, security teams can rise to the challenge, and IT teams can more easily meet their compliance requirements.
To learn more about how to secure your organization in the cloud, check out the Atlassian Trust Center.