Gartner Research

Select the Right CASB Deployment for Your SaaS Security Strategy

Published: 12 March 2015

ID: G00270559

Analyst(s): Craig Lawson , Neil MacDonald , Sid Deshpande


Cloud security leaders evaluating CASB functionality must consider the nuances of how the technology is deployed to secure SaaS applications, and the implications on the end-user platforms that use it. We describe what must be considered for successful CASB selection.

Table Of Contents
  • Key Challenges



  • Start With a SaaS Application Discovery Phase Before Undertaking a CASB Deployment
  • Make IAM Integration a Foundational Capability of Your CASB Evaluation
  • Decide or Pragmatically Settle on the Deployment Mode That Works Best for Your Range of Applications and Types of End-User Access Methods
    • Mode 1: Reverse Proxy Mode
    • Mode 2: Forward Proxy Mode
    • Mode 3: API Mode
  • Consider the Implications of the End-User Computing Options Supported in the Organization When Judging How the CASB Provider Delivers Against the Four Pillars of CASB Functionality
  • Ensure That the Implications of a CASB's Encryption and Tokenization Features of the Organization's Data in a SaaS Application Are Understood
  • Use CASBs to Extend the Organization's DLP Strategy to Data Deployed in the Cloud
  • Ensure That the CASB's Threat Prevention Features Are Given Appropriate Weighting
  • Define the Requirements for CASB Integration With Your Existing Security Tool Chain

Gartner Recommended Reading

©2021 Gartner, Inc. and/or its affiliates. All rights reserved. Gartner is a registered trademark of Gartner, Inc. and its affiliates. This publication may not be reproduced or distributed in any form without Gartner’s prior written permission. It consists of the opinions of Gartner’s research organization, which should not be construed as statements of fact. While the information contained in this publication has been obtained from sources believed to be reliable, Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartner research may address legal and financial issues, Gartner does not provide legal or investment advice and its research should not be construed or used as such. Your access and use of this publication are governed by Gartner’s Usage Policy. Gartner prides itself on its reputation for independence and objectivity. Its research is produced independently by its research organization without input or influence from any third party. For further information, see Guiding Principles on Independence and Objectivity.

Already have a Gartner Account?

Purchase this Document

To purchase this document, you will need to register or sign in above

Become a client

Learn how to access this content as a Gartner client.