Q
Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

How can cloud access security brokers improve enterprise security?

Cloud access security brokers can help enterprises enforce security policies in the cloud. Expert Dan Sullivan discusses the benefits.

I've been reading more about cloud access security brokers. How would you define them in practical terms, and what...

are the security benefits for organizations that use public cloud services?

Cloud access security brokers (CASBs) are services that sit between an organization's on-premises infrastructure and the cloud provider's to ensure enterprise security policies are enforced. CASBs allow enterprises to extend the reach of their policies beyond their own infrastructure by ensuring network traffic between on-premises devices and the cloud comply with those policies.

Brokers may enforce a number of different security controls, including encryption and device profiling. They may also provide other services such as credential mapping when single sign-on is not available.

CASBs are particularly useful in organizations with "shadow IT" operations or liberal policies that allow operating units to procure and manage their own cloud resources. CASBs act as a gatekeeper to enforce compliance with enterprise policies even if network traffic does not originate with formally managed devices. CASBs can use auto-discovery features to identify cloud applications in use. These features can also help identify high-risk applications, high-risk users and key risk factors, such as key management.

CASB services may collect data that is useful for other purposes, such as demonstrating compliance, monitoring cloud service usage and auditing. Vendors in the cloud access security space include SkyHigh Networks and Netskope.

The value of cloud access security brokers stems from their ability to give insight into cloud application use across cloud platforms and to identity unsanctioned use. This is especially important in regulated industries. Of course, any enterprise at risk of substantial data breaches can also benefit from monitoring the applications and workflows that manipulate confidential and private data.

Ask the Expert!
Have a question about cloud security? Send it via email today! (All questions are anonymous.)

Next Steps

Learn how cloud service brokers can both help and hinder enterprise security

This was last published in March 2015

PRO+

Content

Find more PRO+ content and other member only offers, here.

Essential Guide

Secure cloud computing requires key skills, knowledge of tools

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

2 comments

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Would your enterprise consider using a cloud access security broker? Why or why not?
Cancel
I believe it is fine to use a CASB so long as deployment gets done in the following three ways:
  • Via a proxy-like, on-premises gateway
  • Through a host-based agent model
  • With an API-based, cloud-native SaaS solution.
CASBs are important as cloud applications projections show they are here to stay. Cloud application dealers are solving security issues by securing the infrastructure layer. Lastly, a public cloud application gets increasingly seen as a business enabler.
Cancel

-ADS BY GOOGLE

SearchSecurity

SearchCloudComputing

SearchAWS

SearchCloudApplications

SearchServerVirtualization

SearchVMware

ComputerWeekly.com

Close