One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 2016532 |
| Date de publication | 2020-11-05 06:01:00 (vue: 2020-11-05 06:05:48) |
| Titre | What is a Cloud Access Security Broker? CASB explained |
| Texte | This blog was written by a third party author. What is a Cloud Access Security Broker (CASB)? A common component of modern cybersecurity infrastructure, a cloud access security broker (CASB) is technology that provides monitoring and mitigates risks from employee use of cloud services. CASBs were initially developed to fill a gap in cloud security visibility left behind by traditional firewalls, next-generation firewalls, and early secure web gateways, which struggled to identify instances of the unapproved use of cloud services, otherwise known as shadow IT or rogue IT. Since then, CASB has evolved into a fully featured cloud governance control that can both monitor and manage which cloud services employees use and how they use them, whether they're connecting from the corporate network or remotely. According to Gartner, in spite of slowing spending growth across the security industry, organizations have bolstered their CASB spending by 33% in 2020 as the category "has entered the mainstream," posting the largest increase of any information security market. The benefits CASB provides Industry experts say that the features and benefits of CASB tend to cluster around four major areas: visibility, compliance, data security, and threat protection. These are what Gartner analysts first coined as the four pillars of CASB. Visibility CASB provides insight, alerting, and reporting into inbound and outbound cloud activity. This includes visibility into which cloud services are being used, who is using them, what content is being sent and stored in the cloud, and whether security policies are being followed in the process. Compliance Beyond basic behavioral visibility, CASB gives risk and compliance personnel granular reporting that makes it possible to track how regulated data is stored across various cloud services. The level of detail makes it easier to prove to auditors whether cloud data handling and encryption practices for personally identifiable information (PII) meet compliance requirements for regulations like PCI DSS and HIPAA. Data security Reporting is just one component of the data privacy and security role that CASB plays. It can also enforce a range of data security policies. This includes access control based on contextual variables like role, device type, device protection status, geography, and more. CASB can extend data loss prevention (DLP) controls across the cloud and restrict sharing of certain classes of data across all cloud stores or certain providers. In addition, CASB can be configured to enforce encryption or tokenization practices and support enhanced authentication practices and integration with technology like single sign on (SSO) and identity and access management (IAM) platforms. Threat protection CASB provides controls and integration with other security products to protect organizational data from both insiders and external threats. A key part of this is behavioral-based activity monitoring to block and alert suspicious activity that could indicate negligent or malicious insiders or potentially compromised accounts. Additionally, many CASBs can analyze for and block malware in cloud resources. Where can a CASB be deployed? CASB deployments can vary greatly, with the category offering a range of possibilities for monitoring and enforcement usage from: Inside the network Remote work connections Cloud-to-cloud connections Visibility and controls are applie |
| Envoyé | Oui |
| Condensat | 2020 access accessing according accounts across activity addition additionally alert alerting all also analyst analysts analyze another any apis app appliances applied architectures are areas: around auditors authentication author based basic because behavioral behind being benefits best beyond block blocking blog bolstered both broker but can capabilities casb casbs cases category certain classes cloud cluster coined collection common compliance component comprehensive compromised configured confused connecting connections content contextual control controls corporate could cyber cybersecurity data defined degree delivery depending deployed deployments describe detail developed device dlp dss earliest early easier edge employee employees encryption enforce enforcement enhanced entered evolved experts explained extend external featured features fill filtering filters firewalls first focused followed forwarding four frequently from from: full fully functionality gap gartner gateway gateways generation geography gives governance granular greatly growth handling has have hipaa how iam identifiable identify identity inbound includes increase indeed indicate industry information infrastructure initially inside insiders insight inspects instances integration integrations interacts its just keep key known largest latest left level leverages like log loss machines mainstream major makes malicious malware manage management many market meant meanwhile meet mitigates model models modern monitor monitoring more much native negligent network networking new next now offer offered offering one optimization options organizational organizations other otherwise out outbound over overlap part particularly party pci personally personnel pii pillars platforms plays policies policy possibilities possible posting potentially practices prevention privacy process product products protect protection prove provided providers provides proxies purest range regulated regulations remote remotely reporting requirements resources restrict reverse risk risks rogue role sase say secure security sense sensitive sent service services shadow shared sharing siem sign since single sites slowing software solely some sometimes spans spending spite sso status stored stores struggled such support suspicious technologies technology tend term them then these they're third threat threats through today together tokenization track traditional traffic transformative two type unapproved upon usage use used user using variables various vary vendors visibility wan web well what where whether which who work written |
| Tags | Malware Threat |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.