HerrBullermann - Fotolia
McAfee acquired Skyhigh Networks, one of the last stand-alone cloud access security brokers, or CASBs, in November...
2017. The success of cloud access security brokers has inevitably led to many acquisitions in the sector; Oracle, Cisco, Symantec, Palo Alto Networks and Microsoft had already acquired a significant number of vendors before McAfee made its move.
The acquisition of various vendors in this space shows that the market is maturing, and that the powerhouse technology companies are looking to incorporate CASB functionality into their existing product suites. This is key to the future of the technology.
At the moment, deploying a CASB involves handing responsibility for yet another system to an IT team already overwhelmed by different technologies. The problem they face is that these technologies are often not integrated with each other, meaning that the team is forced to monitor and respond to alerts from a number of different systems.
The merging of cloud access security brokers into the existing suites of tools offered by the major providers may enable companies to monitor their security posture through a fully integrated suite of tools. While investing in one provider for all the different security options has the downside of a single point of failure, this is somewhat offset by better integration, which means the tool is more likely to be used effectively.
The importance of cloud access security brokers
The functionality provided by a CASB is becoming essential to large enterprises. Software as a service (SaaS) providers cannot be relied upon to integrate CASB-type functionality natively, especially not in a format integrated with an organization's existing systems.
The huge number of cloud services used by organizations, whether sanctioned or shadow, means that the organization must not only have complete visibility into how these services are being used, but must also require granular controls.
The organization needs to provision access as required on a per user or per device basis, extend existing data loss prevention policies into the cloud, provide metrics on the security of the cloud services that are used, and also provide options for compliance. This is especially true with the upcoming European Union's General Data Protection Regulation with which all companies processing data of EU citizens will need to comply.
The increasing importance of CASBs to large enterprises will filter down to smaller organizations as cloud adoption increases; small to medium-sized enterprises are already built entirely on infrastructure-as-a-service and SaaS services.
Organizations need to be careful to not invest in a CASB just because they think they should. Think about the cyberattacks your organization is trying to prevent by deploying a CASB, and then make sure it actually aids in this process. CASBs provide protection against data loss through accidental or intentional leaks onto cloud services, and also interfere with a cybercriminal's ability to upload data from your network if it is successfully compromised.
While a cloud access security broker is certainly one of the more useful products available to help achieve a cyber-resilient organization, it's of limited use without a team capable of understanding these use cases and responding to alerts generated by the system.