Industry Insights with Lianne Caetano

What Is a CASB and Why Do You Need It?

Use This Tool to Secure Your Organization From Endpoint to Cloud
What Is a CASB and Why Do You Need It?

Before we talk about CASB, let’s talk about SASE. The term Secure Access Service Edge, designated by the research and analysis firm Gartner, is essentially the convergence of several existing cloud-based security technologies.

See Also: When Every Identity is at Risk, Where Do You Begin?

The need for SASE arose as the global workplace became more mobile and more reliant on cloud applications. It replaces the traditional "castle and moat" security approach in which application and data assets are secured behind a firewall in a corporate data center. This outdated, on-premises, perimeter-based model required remote user traffic to be backhauled long distances to the corporate data center using VPN tunnels.

By converging all VPN tunnels at a central location, IT managers were able to achieve global visibility and control into all managed devices and all data traffic. Of course, as businesses go remote and applications move to the cloud, this "hub and spoke" approach becomes inefficient and ultimately obsolete. Learn more about the limitations of VPN.

SASE security technologies include Cloud Access Security Brokers, or CASB; Zero Trust Network Access, or ZTNA; Secure Web Gateways, or SWG; Data Loss Prevention, or DLP; and certain others, all delivered by a single cloud service at the network edge.

OK, now let’s talk CASB.

A cloud access security broker, usually referred to as a CASB, offers a security gateway between your company’s IT infrastructure and that of a cloud provider. It is a cloud-based software that acts as an intermediary between individual users and cloud-based security-as-a-Service, or SaaS, applications such as Box, Dropbox, Google Workspace, Microsoft 365 and Slack.

CASB, another term coined by Gartner, emerged as services began shifting to the cloud and employees began using these services, with or without the prior knowledge of the IT department. CASBs provide IT managers with visibility into cloud services in use across the enterprise and enable the managers to implement security controls.

The key features of CASB include Data Loss Prevention; User and Entity Behavior Analytics, or UEBA; and Compliance with requirements such as HIPAA and PCI. It provides the same visibility and control provided by a "castle and moat" security approach under the new device-to-cloud model.

What CASB Can Do for Your Organization

  1. Discover cloud services and assess cloud risk.
  2. SaaS governance programs must begin with an inventory of SaaS applications in use, the people using them, and the third-party apps they’ve connected to those applications.

  3. Identify and protect sensitive information.
  4. Enterprise-grade cloud services are appropriate for data of all types, even sensitive data - as long as that data can be identified as such and be continuously protected.

  5. Detect and mitigate threats.
  6. Because of their increasing ubiquity, cloud services are becoming targets for attackers. Customers must diligently guard against malicious activity.

  7. Attain cloud governance and compliance.
  8. Highly regulated industries must assess the security of used cloud services, choose those that meet specific requirements and demonstrate they are governing the use of cloud.

  9. Enable secure and easy-to-use mobility.
  10. Access anywhere, anytime and from any device is a common use case. CASBs enable shades of access, which is more useful than a binary decision to block or allow.

Most IT people understand the obvious benefit of having a service that can ensure and monitor security for third-party storage providers. This gives enterprises a chance to prevent, discover and respond to threats. But the benefits of these services extend to offering a way to monitor activity inside the company.

CASB is a critical tool organizations can use to holistically secure an organization from endpoint to cloud.

To learn more about why integrated endpoint-to-cloud security is essential to safeguard your data while complying with regulations and respecting personal privacy, watch this video hosted by Aaron Cockerill, chief strategy officer at Lookout.



About the Author

Lianne Caetano

Lianne Caetano

Senior Director, Lookout Security

Lianne Caetano currently serves as Senior Director at Lookout Security, where she is charged with educating the market about the growing need to adopt a zero-trust framework as part of a larger security strategy. Bringing more than fifteen years of experience building and leading world-class product marketing tuned to succeed in fast growing markets, she has designed and implemented next-level growth strategies for the tech and cybersecurity industries. Prior to Lookout Security, Lianne has held leadership positions at Apple Computer, McAfee and Netgear, where she helped to shape product portfolios and future direction, as well as advocate for cybersecurity and privacy education. She holds a Masters in Business Administration from the Kellogg School of Business at Northwestern University.




Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.