kitson - Fotolia
Security professionals say one of the best things about their jobs is that every day is different. "Phil? Phil Connors?!" Bill Murray in Groundhog Day it's not.
But like Punxsatawny Phil -- if it's cloudy on February 2, the groundhog is less likely to see his shadow -- visibility in cloud environments has proved challenging for security executives tasked with protecting sensitive data and other assets. Early spring or not, this problem is amplified as organizations adopt multiple cloud services, including unsanctioned applications, which pose shadow IT risks if they are not vetted or on the radar of security teams.
Lack of visibility and control of cloud resources has given rise to software tools known as cloud access security brokers (CASBs). These tools -- which sit between on-premises and cloud resources -- enable policy enforcement such as authentication, single sign-on, device profiling, encryption and more. As cloud services have multiplied, so have the uses for these tools. Some cloud access security broker platforms are starting to offer more features aimed at data security, compliance and threat protection. Cloud access security broker functionality such as firewalls and intrusion prevention systems have also been added to existing gateway products. Navigating all of the technologies and vendors in this space is not an easy task, however.
Do these tools fill the gaps around visibility, shadow IT risks and control of software as a service and other cloud resources? "Combined, they provide the ability to manage who has access to what data, enforce rules around use of the data, ensure integrity of the data, and provide threat assessment and response," John Krull, CIO of Seattle Public Schools, told Jaikumar Vijayan, who reports on different uses for cloud access security brokers in this month's cover story.
As companies strategically invest more in the cloud, these tools can help monitor employees who use mobile devices to store sensitive enterprise data in cloud services. But shadow IT risks still represent the most common reason to employ a CASB and the best place to start, according to Gartner.
Groundhog Day is resurfacing as a musical to critical acclaim on Broadway. Ever had a day you'd like to repeat over and over? For security professionals, surveys indicate their best days were the ones on which they discovered and stopped criminal activity.
Can cloud access security brokers hinder enterprise security?
Learn more about Microsoft Azure security features
- Mobile data protection best practices –SearchSecurity.com
- The Ultimate Guide to Data Encryption in the Cloud –Rubrik
- Best Practices for Data Protection and Security in the Couchbase Data Platform –Couchbase
- Challenges With Data Protection in the Cloud –SearchSecurity.com