Increasingly, Cloud Access Security Brokers (CASB) are being used by IT to align with their cloud strategies well beyond app discovery and risk assessment of unauthorized apps. Organizations are getting more value from CASBs by securing and controlling sanctioned cloud applications such as Office 365, Salesforce.com, Box and Google Apps, among others. Consistent with the 2016 Cyberthreat Defense survey, we also see our customers wanting to enable controls over the proliferation of corporate data as an essential requirement when adopting cloud file sharing services (think files with regulated and sensitive data in Box or Dropbox for example).
Our Customers are also using CASBs to prevent advanced threats on cloud file sharing services such as account takeover attacks or “man in the cloud attacks”. We expect these types of attacks will continue targeting cloud applications that are both universally accessible – and also where a shared security model for cloud apps often requires the subscribing organization to have controls (such as a CASB).To address this CASBs help ensure cloud app login credentials aren’t abused when and if they fall into the hands of an unauthorized user.
We have noticed a slight departure from the survey results for “low incidence of using CASBs to granularly control user access to cloud services.” In most of the Imperva Skyfenceproduction deployments, customers are utilizing CASB to enforce access controls on their sanctioned cloud apps. IT organizations are finding that once they’ve successfully monitored cloud app user activity, they, in fact, want to place some granular controls over user access similar to the policies applied to traditional in-house applications.
For cloud apps, these include, for example, enforcing unique data access policies depending on whether the endpoint device is managed or unmanaged, or simply preventing downloads of sensitive or regulated data (SSN, PCI, HIPAA data) to BYOD endpoints. In other words, IT organizations are saying “yes” by allowing users to access cloud apps but at the same time, applying granular control capabilities to enforce exceptions to policy needed for their business.
For more information, please read the full 2016 Cyberthreat Defense Report here.