By Salah, VP of Marketing at CipherCloud
The ongoing cloud mobile digital transformation has brought cloud access security brokers (CASB+) front and center as an important part of enterprise cloud mobile security architectures. This article will take a closer look at the cloud mobile digital transformation, the new drivers for an improved cybersecurity architecture, and the benefits that CASB+ brings that make it both compelling and essential.
We’ve all seen the weekly barrage of news about the growing number of security breaches and the almost total failure of our legacy cybersecurity architectures. The transition to a cloud mobile world has happened faster than any of us truly anticipated and is part of the reason that many breaches have happened.
Today it is the new normal that your enterprise might have several cloud deployments, perhaps a mixture of private and public clouds hosting internally developed applications such as accounting, finance, or special manufacturing operations software, and public clouds providing software as a service (SaaS) applications such as Slack, Box, Office 365, Salesforce and others. This cloud mobile world requires that you administer each of these cloud environments separately, and each of them has different security capabilities. Integration between these clouds and existing on-premises systems is the complexity icing on the cake. The result is many security stacks and very little in the way of consistency.
The explosion in IoT has been continuing with no end in sight. Internet of things (IoT) devices and integrated processors have brought many quasi-endpoints that can no longer be adequately protected. Standard software for endpoint detection and response (EDR) cannot protect many of these devices. There are many types of IoT devices. For example, the security systems that control door access, as well as the enterprise security cameras, are pervasive and yet, even as part of your physical security infrastructure, unwittingly provide many insecure points for potential cyber attackers to compromise.
In the healthcare industry, medical devices are similarly closed to third-party software. The FDA certification does not allow anyone to add any software to these devices, so once again hospitals and healthcare institutions don’t have any visibility into the threats that may lurk inside. And even in banking, large networks of automated teller machines (ATMs) remain targets of high value for motivated attackers. Many use IoT interfaces and all depend on special embedded processors to support ATM functionality. Point of sale retail networks suffer from the same IoT vulnerabilities. These IoT endpoints and the accompanying array of integrated devices overwhelm most security architectures. Just putting them “behind the firewall” is no longer enough to guarantee adequate protection. All of these allow attackers to quietly penetrate your networks, and then to work diligently to explore your networks and find and exfiltrate your sensitive data.
Of course, the cloud mobile world is tied directly to the explosion in wireless and mobile devices. Most employees expect to access enterprise resources from their mobile devices, and organizations often don’t have the policies and security controls in place to put the guard rails on this access.
Alternately, the cloud has also created many dangerous temptations. Many employees on authorized corporate platforms reach out to cloud applications that may run afoul of compliance requirements and may also fail to adequately protect confidential data. Yet the enterprise has no visibility into any of this.
CASB+ is tailor-made to address the security challenges with the cloud mobile digital transformation. Let us look at how CASB+ can help.
Integrate with the cloud mobile world. CASB+ provides all of the integrations you need to share information between systems using native application program interfaces (APIs). This consolidation reduces the extreme complexity of trying to use multiple security solutions. You can consistently administer policies across the cloud and other platforms.
Visibility gives you control. CASB+ enables you to see and log all activity to your authorized clouds. This gives you the data you need to support compliance, better secure sensitive data, and shut down access to malicious and/or anomalous activity. Most important, you have visibility of potentially unauthorized and out-of-policy activity that places your organization at risk.
Cloud data loss prevention (DLP) – integrate or stand-alone. Cloud DLP is essential to prevent the leak of sensitive data, either through CASB+ provides one consistent DLP interface that you can use across the broad variety of clouds you deploy, even your custom applications. Yet you can also integrate CASB+ with your existing enterprise DLP products so that policies can be applied in a uniform way across your enterprise. Most important, when out-of-policy behavior occurs, you have the ability to revoke content access at any time. This may be critical to prevent a potential data breach.
Zero Trust encryption has displaced basic “at rest” encryption. First-generation CASB solutions with “at rest” encryption are no longer enough for protecting your clouds. Attackers have successfully breached APIs, enabling them to compromise even encrypted cloud data. CASB+ brings a comprehensive encryption solution that protects data “at rest,” in network transit, in the cloud application layers (API, middleware, memory), and in use. Data encryption keys are strictly retained by you, not shared in the cloud. Most important is that CASB+ enables single key management and policy for all of your cloud applications with uniform controls and a consistent approach.
Detect and defeat malware and malicious attackers faster. CASB+ includes integrated advanced threat feed data which is used by the CASB+ engine to detect and shut down malware quickly. You can leverage your existing security ecosystem to optimize response so this can happen quickly. Technologies like user experience behavior analysis (UEBA) and advanced access control (AAC) can determine anomalous behavior by a user with valid credentials and shut them down. Examples include the download of gigabytes of files at 2 am, or an attempted valid log-in from Beijing only two hours after logging in from Chicago, Illinois.
SAML integration and single sign-on (SSO). CASB+ provides full support for SSO integration to streamline and protect authentication, and to maintain comprehensive logging of user access.
In summary, CASB+ technology gives you the strong security you need to support the cloud mobile digital transformation. CASB+ will help you reduce expense and the cumbersome administration of multiple and disparate security stacks, and substantially improve your user experience.
Centralized administration, ease-of-use, and powerful best-in-class functional capabilities make CASB+ an important choice for your enterprise.
CASB+ is a foundation for SASE
Gartner has recently introduced a new cloud architecture, Secure Access Service Edge (SASE), pronounced ‘sassy’. SASE is the future of cloud architecture, solving the complexity of siloed security infrastructure, policies, and measures that are currently divided between on-premises security, legacy solutions, and cloud security. While this concept is not new, until SASE, the closest architecture that discussed continuity between on-premises security and cloud has been the Zero Trust Framework by Forrester. The difference with SASE is that it proposes an architecture that we can see taking shape today. Starting with Cloud Access Security Brokers, Software-Defined WANs, Virtual Private Networks as a Service, Firewalls as a Service, Secure Web Gateways, Cloud DNS Services, and Software Defined Perimeter solutions, it is clear we are in a cloud-first security environment. The only on-premises solutions left are either for unique security measures that are industry-specific, i.e. governments, or for very large organizations that require hybrid deployment for the foreseeable future.
CASB+ is focused on replicating the kitchen sink of on-prem security, rearchitected for scale, advanced functionality, centralized management, and ease of operations, to provide organizations the right solutions to maintain full visibility of users and data, protection against zero-days, ransomware, data breaches, malicious insiders, and protection of data at rest and in motion. However, the power of CASB+ comes in its ability to integrate with enterprise applications and legacy solutions, allowing customers to extend their investment in on-premises solutions such as endpoint and network DLP, integrate with new cloud-focused architectures, such as SD-WAN and IAM/SSO solutions, and help operationalize security and specifically cloud security through integrations with SOC applications for SIEMs, EDR, threat hunting, UEBA, and more.
CipherCloud, a leader in cloud security, provides powerful end-to-end protection for data resident in the cloud. Our award-winning cloud access security broker delivers comprehensive visibility, data security, threat protection, and compliance for cloud-based assets. Uniquely, CipherCloud provides the deepest levels of data protection and real-time data access control to provide an immediate solution for challenging cloud security and compliance problems. The world’s largest global enterprises and government institutions in over 25 countries protect and secure their cloud information with CipherCloud.
To find out more about CipherCloud please go to www.ciphercloud.com.
About the Author
Salah is a seasoned marketing executive with 20+ years of experience in cybersecurity, networking, enterprise and SMB markets. Currently, Salah is the VP of Marketing at CipherCloud and responsible for product marketing and growth marketing. Most recently he headed up enterprise security product marketing efforts at Symantec for 10+ product lines with global responsibility. Previous to Symantec, Salah has held marketing leadership or dual product & marketing leadership roles at companies such as Cisco, Aruba, and NETGEAR. He has a passion for security, for taking innovative products to market and helping companies accelerate growth at any stage.