Cybersecurity is a large and growing problem for today’s businesses. The pressure is on to find solutions that help protect organizations’ applications, data, and other assets. Because more applications are moving to the cloud, we’ve seen a rise of interest in a relatively new product category known as the cloud access service broker.
Gartner (News - Alert) in June called cloud access security brokers a top 10 information security technology. And the research firm forecasts that 85 percent of large enterprises will use CASBs by 2020. That’s up from less than 5 percent today.
“CASBs address a critical [chief information security officer] requirement to set policy, monitor behavior, and manage risk across the entire set of enterprise cloud services being consumed,” Gartner noted.
The reason organizations are deploying CASB solutions now is because they are running more than one business application in the cloud, said Salim Hafid, Bitglass product marketing manager. Bitglass, which in January raised $45 million in series C funding, makes managing security for multiple applications easier by providing a single pane of glass for that purpose.
CASB is now expanding to address infrastructure as a service and mobile adoption, Hafid added. The ability to support mobile is relatively new for CASB, he said, as in the past companies tended to have a dedicated cloud solution and then separate security for mobile devices.
“CASB is a fast growing market, and it really – unlike a lot of these traditional solutions – it works for the cloud,” Hafid said. “Cloud is an inevitable trend. And mobile is something you can’t stop.”
Bitglass, CipherCloud, Cisco (News - Alert), Forcepoint, Microsoft, Netskope, Oracle, Skyhigh Networks, and Symantec are among the leading providers of CASBs. Many of the large companies added CASBs to their product portfolios via acquisition.
For example, Microsoft in 2015 bought Adellom. In 2016 Symantec purchased Blue Coat, Cisco snapped up CloudLock, and Oracle acquired Palerra. And just earlier this year, web security and data loss prevention solution provider Forcepoint bought Imperva Inc.’s Skyfence CASB technology.
“As cloud applications become more pervasive, customers are trying to strike a balance between the benefits these services offer and the risks that exist,” said Kris Lamb, general manager of the cloud security business at Forcepoint. “Integrating Skyfence with Forcepoint’s cloud security platform will offer the best of both worlds. Businesses will feel comfortable providing the productivity benefits cloud services offer, while not jeopardizing the security of critical data and improving their overall governance and compliance posture.”
CASBs sit between the cloud and the enterprise to provide security relative to an array of popular cloud-based applications, infrastructure, and platforms. For example, they address such applications and services as Amazon Web Services, Box, Dropbox, GitHub, Google Drive, Office 365, Rackspace (News - Alert), Salesforce, and Service Now. (The applications, platforms, and services that CASB solution providers list on their websites vary by vendor.)
To give you a sense of the functionality of CASB solutions, CipherCloud says its Cloud Security Broker features activity monitoring and anomaly detection; have any device, anywhere support; API integration; compliance scanning; granular policy controls; and policy-based encryption. And research firm Forrester (News - Alert) says CASBs at a minimum should be able to detect and intercept unusual or fraudulent activities associated with data in the cloud; identify, neutralize, and eliminate malware in cloud platforms; do the same relative to unsanctioned cloud applications and platforms usage; protect against leaks of confidential information; encrypt both structured and unstructured data in cloud platforms; and aid the investigation of suspicious users and incidents.
To the first point, Forrester explains: “A normal pattern of behavior for sales reps at your firm might include accessing 10 to 15 customer records in Salesforce per day. If a sales representative accessed or downloaded several thousand records in a day, this is a sign of suspicious and likely fraudulent activity. It’s critical that S&R pros receive alerts on this type of behavioral anomaly. After detecting such anomalous activity, S&R pros may decide to intercept the user session and lock out the user to prevent a breach or exfiltration of sensitive data.”
In the white paper “Working the Numbers: How to Quantify the Value of a Cloud Access Security Broker” published January 2017, Oracle explains that “a CASB uses machine learning and automation to provide a critical control point for the secure and compliant use of cloud services across multiple providers. Centered on delivering visibility, compliance, data security, and threat protection, a CASB should include integration with your existing enterprise security solutions such as security information and event management, identity as a service, and next generation firewalls. Instead of relying on manual processes for identifying and remediating risk, the CASB does it for you – saving significant time and eliminating human error.”
That’s important not only for security and efficacy purposes, but also in light of the shortage (and, as a result, high cost) of cyber security professionals, Oracle adds.
“The top-paying cyber security job is a security software engineer with an average annual salary of $233,333, according to a May 2015 report from the job board Dice,” Oracle says. “That tops the salary for a chief security officer, which is $225,000. And these professionals are an increasingly scarce resource. In 2014, the Cisco Annual Security Report warned that the worldwide shortage of information security professionals was at 1 million. Michael Brown (News - Alert), former CEO at Symantec, expects that to rise to 1.5 million by 2019. The evidence is mounting that people-centric approaches won’t work.”
Edited by Alicia Young