Cloud computing has not only altered the way the world does business, but it also has brought new and often challenging enterprise security requirements. As a result, a whole new sector of IT has sprung up in the last decade focused on cloud-access security–acronymed CSAB (for cloud access security brokers)–which requires very different skills and tools from data center or campus-centric security.
Going into 2021, there are few areas of security that are more important to businesses, government, the military, consumers or the scientific sector than CASB. This is because all of use are doing the majority of our work in cloud-based applications.
As enterprises adopt new services, applications and methods to manage data, the need to address changing data models and threat risks is essential. Organizations must address an array of issues that revolve around collaborative web applications, data flow, network designs, cloud infrastructure and other key areas.
Although major cloud providers typically offer robust built-in protections—including strong authentication, encryption and malware detection—there are often gaps in protection that result when organizations rely on multiple cloud service providers, different network topologies and numerous applications. These risks often involve key areas such as web application firewalls (WAFs), secure web gateways (SWGs) and data loss prevention (DLP).
Cloud access security brokers (CASB) take aim at this issue. “They deliver differentiated, cloud-specific capabilities generally not available as features in other security controls,” a recent industry report from Gartner Research said. “CASB vendors understand that for cloud services the protection target is…