Organisations moving to cloud are increasingly considering Cloud Access Security Brokers (CASBs) as a means to implement enterprise security policies in the cloud, but there is still some local hesitation, says Craig McGee, sales engineer – Sub-Saharan Africa at Forcepoint.
While CASB is a big discussion point worldwide, companies do not always understand the correct reason for deploying a CASB in their environment, or they may not know how to do it.
Speaking at the ITWeb Security Summit 2019 in Johannesburg last week, McGee said: “Customers I speak to may say, ‘I understand CASB, but I have to demonstrate quick wins on a CASB purchase’, or, ‘I need to find a driver for it’.”
But as enterprises embrace cloud services, a CASB is necessary to protect data and maintain controls and visibility across this new environment, he said.
“In the traditional work environment, we bought a whole lot of kit, and policies were driven in a top-down approach. But these days, the user is a lot more educated, has a lot more control, a lot more things on his or her hands , and has a lot more pressure to do what they want to do. If users can’t get done what they want done using the tools that are available, they will find their own.
“The only way to put some control back into this environment is to change the structure and look at user- and data-centric approaches. If you have the ability to change their protection automatically, you have the ability to free up your users and stop them if they ‘turn bad’,” McGee said.
Sitting between on-premises infrastructure and a cloud provider's infrastructure, a CASB allows the organisation to secure data flowing to and from in-house IT architectures and cloud vendor environments, extend the reach of security policies and map and monitor the cloud environment.
It allows organisations to implement rules around people, departments and devices – and configurations of these – to protect enterprise data and control access and sharing of enterprise data. However, data loss prevention (DLP) tools are necessary first, and DLP will be a determining factor in the success of the onboarding of a CASB, he said.
“The most important thing for those moving into cloud is their data – both sensitive and non-sensitive data,” he said. “The DLP extends controls and policies into the cloud and allows you to use more cloud because your risk is lower. DLP controls monitoring into the cloud space using CASB as the actual agent, which gives you the ability to use cloud better.”
Noting that Office 365 is a major cloud-based tool in use among local clients, he cited Neil MacDonald, Gartner vice-president and distinguished analyst, as saying that Office 365 users who implement a CASB have an up to 60% lower chance of failure.