CASBs (Cloud Access Security Brokers) sit between an organization’s on-premises infrastructure and the cloud provider to ensure enterprise security policies are enforced. CASBs allow enterprises to go beyond their own infrastructure to ensure network traffic between on-premises devices and the cloud comply with their security policies.
Although still relatively young, CASBs have matured a lot recently, having evolved to the point where many analysts feel CASB will soon be as important as firewalls were when we were all working on PCs instead of laptops. Gartner’s prediction is that 60% of large enterprises will use CASBs by 2022 (a 20% increase on 2018) while Forrester is predicting that by 2023 cloud security will become a $112.7B market.
Many organizations initially purchased CASBs to combat shadow IT when traditional security tools didn’t provide this visibility, especially when the corporate data center never saw the network traffic. CASB proved the eye-watering amount of cloud services that organizations were using.
So Where Are We Now?
Today’s CASBs are more fully-featured and integrated into enterprise security, connecting to email, web application gateway devices, identity management systems, and single sign-on tools.
Another driver has been the increase in compliance rules, such as the General Data Protection Regulation (GDPR) and the greater publicity of numerous data breaches. A CASB can show, in a single place, where an organization has the most risk and summarizes security issues.
Increased adoption of cloud computing has also made CASBs more compelling. As companies moved out of data centers – or removed them entirely – CASBs became essential security tools. “There is no way to install security agents to protect files stored on Box or OneDrive,” says Forrester’s report.
The threat landscape has evolved and we now have more blended threats using multiple exploits alongside obfuscation technologies to make malware harder to find. Phishing attacks are getting more subtle. As a result, CASBs are now being used to enhance malware protection.
The new generations of CASB offerings provide a product that is understandable, easy to bring online and with a greatly increased portfolio of apps they can protect. So if your IT department needs visibility of all cloud programs, apps, files, data, and users across many platforms and providers from a single access point, it is time to look at CASB.