At the Gartner Security Summit in June, analyst Brian Reed listed the Top 10 cybersecurity projects for 2019 — IT security initiatives that can do the most to reduce risk. Cloud access security brokers (CASB) came in at No. 5, and Reed said that CASB was the No. 1 IT security spending priority among enterprises.
The uptick in CASB adoption is driven by the need to address security gaps created by increased usage of cloud services and mobile devices. Growing concerns about security have created an urgent demand for control and visibility of cloud services.
A CASB is a security policy enforcement point placed between the users and providers of cloud services, allowing security and compliance policies to be enforced as cloud resources are accessed. Hosted on-premises or in the cloud, a CASB provides IT security personnel with a single point of control over all cloud services, as well as all users and devices accessing those services. A CASB can be integrated with existing tools to ensure that the same security and compliance policies are applied across all network environments, whether on-premises or in the cloud.
There are four equally important pillars of a CASB:
• Visibility. A CASB should enable organizations to monitor user activity within authorized cloud applications, and to detect the presence of shadow IT services. Access to services, and activity permitted within those services, can be controlled at a granular level based on the service, user and device.
• Regulatory compliance. Organizations must be able to assess the compliance of cloud apps and protect the privacy of sensitive personal and corporate data according to data governance and regulatory requirements.
• Data security. A CASB should allow organizations to identify, classify and inspect content stored in the cloud and to apply access controls and encryption.
• Threat protection. Threat intelligence, dynamic malware analysis and other capabilities should be used to detect and respond to suspicious activity, session hijacking and compromised accounts. This will also ensure that users aren’t spreading malware and other threats, either intentionally or unintentionally.
Microsoft Cloud App Security is an easy-to-deploy and highly automated CASB powered by Microsoft security and management tools. It provides protection for a wide range of Microsoft and non-Microsoft cloud services, including Dropbox, DocuSign, Concur, Salesforce and many others.
Its Cloud Discovery feature automatically discovers and assesses all the cloud apps in use by analyzing log files from firewalls and other network devices. Integration with Windows Defender ATP makes it possible to extend Discovery beyond the corporate network to individual devices. Once all apps are identified, administrators can use risk scores in Microsoft’s Cloud App Catalog along with other business and IT criteria to sanction or block specific apps.
APIs enable direct integration of Microsoft Cloud App Security with cloud services. The solution uses the cloud provider’s API to scan user accounts, data and activity logs and define and enforce policies. Microsoft Cloud App Security can also operate in reverse proxy mode, positioned between the cloud service and the end-user, to monitor traffic and enforce access controls and policies.
Microsoft Intelligent Security Graph combines threat intelligence with advanced analytics to detect and respond quickly to attacks. Microsoft Cloud App Security also provides privacy controls to help ensure compliance with many government and industry requirements.
As usage of cloud services continues to expand, organizations need to take steps to ensure those services are monitored and granular security and compliance policies are enforced. Microsoft Cloud App Security is a powerful CASB that provides the visibility and control needed to protect against cloud threats.
Written and composed by Troy Brittain, Director, Collaboration and Content