YOU ARE AT:FundamentalsWhat is a Cloud Access Security Broker (CASB)?

What is a Cloud Access Security Broker (CASB)?

CASBs have become a cornerstone of cloud-centric corporate cybersecurity

Cloud Access Security Brokers are enterprise software solutions which intermediate between users of cloud services and the cloud applications they use. CASBs monitor activity, enforce security policy compliance, mitigate malware threats and perform other vital functions. 

“Cloud access security brokers (CASBs) are on-premises, or cloud-based security policy enforcement points, placed between cloud service consumers and cloud service providers to combine and interject enterprise security policies as the cloud-based resources are accessed. CASBs consolidate multiple types of security policy enforcement. Example security policies include authentication, single sign-on, authorization, credential mapping, device profiling, encryption, tokenization, logging, alerting, malware detection/prevention and so on,” said Gartner, which first defined the category.

CASBs serve as foundational Security Service Edge (SSE) technology. They are also central to Secure Access Service Edge (SASE) solutions, which provide additional Software-Defined Wide Area Network (SD-WAN) capabilities.

SASE and its attendant tools including CASB have emerged as the fastest-growing cloud opportunity in network security, according to Gartner, which predicts a market topping $6.8 billion in 2022 and more than 41% year-over-year growth. 

This uptick reflects general, ongoing enterprise cloud data migration trends away from siloed on-premise data centers, towards public and private cloud services. But it accelerated as workforce culture shifted to a more hybrid model during the pandemic, according to Gartner. 

In a “work from anywhere” era, businesses need policy-driven software which works from any location, on any potential device, to help mitigate risk, eliminate threats, and meet regulatory obligations. To help meet those needs, a CASB will be aligned with other cloud services as part of these complete enterprise cloud security solution. 

Cloud-centric corporate security

“The CASB serves as a policy enforcement center, consolidating multiple types of security policy enforcement and applying them to everything your business utilizes in the cloud—regardless of what sort of device is attempting to access it, including unmanaged smartphones, IoT devices, or personal laptops,” explained McAfee.

By its position between the user and the cloud data and services they’re using, a CASB can mitigate exposure risk from the unsanctioned use of company IT hardware and software, or the “Shadow IT” phenomenon, said McAfee. 

“While stemming the threats resulting from Shadow IT was a primary use case, it wasn’t the only thing that drove widespread adoption of CASBs. During this time, many businesses were moving their data storage capabilities from on-premises data centers to the cloud. This made CASB, which protected both the movement of data (by restricting things like access and sharing privileges) and the contents of the data (through encryption) even more essential,” McAfee said.

A CASB will be bundled with other foundational SSE/SASE services include a Firewall-as-a-Service (FWaaS), a Secure Web Gateway (SWG), and Zero Touch Network Access (ZTNA). FWaaS provides Next Generation Firewall (NGFW) functionality through software. SWG enables users to access remote cloud services and data securely. And ZTNA restricts users to accessing only those network resources they need. To eliminate operational complexity and reduce potential security risk, cloud security providers increasingly emphasize single-stack solutions which comprise these essential elements.

ABOUT AUTHOR