Published: 16 August 2019
Summary
Cloud access security brokers have become an indispensable security add-on for cloud applications, especially for SaaS. This research helps security and risk management technical professionals compare and decide on CASB use cases, capabilities and architecture.
Included in Full Research
- The Changing Face of Security for Cloud Applications
- Common and Emerging Use Cases for CASBs
- Common CASB Capabilities
- How to Architecturally Integrate a CASB With Cloud Applications
- How CASB Capabilities Relate to Enterprise Security Solutions
- Cloud Application Discovery and Risk Rating Supported by SWG or ENFW Integration
- Adaptive Access Control Supported by IAM and UEM Integration
- Data Loss Prevention Augmented by Enterprise DLP Integration
- User and Entity Behavior Analytics and Enterprise UEBA Integration
- Threat Prevention Augmented by External UEBA and Malware Scan Integration
- Client-Facing Encryption Augmented by Enterprise DRM, KMS, HSM Integration
- Precloud Encryption and Tokenization Augmented by KMS or HSM Integration
- BYOK Key Management Relies on KMS- or HSM-Generated Key Material
- Monitoring and Log Management Augmented by SIEM Integration
- Selecting CASB Capabilities and Architecture Options
- Selecting Capabilities for Unapproved Applications
- Selecting Capabilities for Approved Applications
- Using CASBs for Data Encryption and Tokenization
- Strengths
- Weaknesses
- Take a Cloud-First Approach to CASB Deployment
- Select Use Cases and Capabilities by Using a Risk-Benefit Approach
- Lower-Risk Features for Early Adoption
- Medium-Risk Features for General Deployment
- Higher-Risk CASB Features as the Exception