software & applications
CASB AND THE SEARCH FOR SAAS SECURITY
Gartner predicts that , by 2019 , more than 30 per cent of the 100 largest vendors ’ new software investments will have shifted from cloud-first to cloud-only . Undoubtedly , the future of software is a cloud based one and yet , security doubts continue to ignite fear in organisations that are otherwise keen to adopt these solutions . Eduard Meelhuysen , head of EMEA at Bitglass , explains why businesses need robust visibility and control capabilities in order to keep sensitive corporate data safe .
A
comprehensive security solution is needed to secure Softwareas-a-Service ( SaaS ) applications . The solution needs to offer visibility , data security , threat protection and compliance . Cloud Access Security Brokers ( CASBs ) are a data centric solution for securing applications end-to-end , from cloud to device . By intermediating or ‘ proxying ’ traffic between cloud applications and end user devices , CASBs can offer IT administrators granular access control and deep visibility over corporate data – critical functionality for organisations moving from internal , premises based applications to the cloud .
Cloud application vendors like Amazon and Microsoft are motivated to do the best they can to secure their infrastructure and protect against threats to their applications . After all , headline news of a DDoS attack , malware outbreak or large data breach could be detrimental to a cloud service provider ’ s reputation . However , cloud App vendors have no power over access control and data downloads . This is the enterprise ’ s responsibility . Theft of user credentials , regulatory compliance failure , and data leakage due to improper controls all rest on IT .
Balancing IT needs and employee demands
Years ago , employees simply accepted a poor IT user experience as a necessary evil . Today , employees are quick to reject IT solutions that hinder productivity and that impede on their privacy . Enterprises must adopt user friendly solutions that enable a more productive , mobile workforce .
Finding a CASB that can meet these key requirements will help to prevent employees from ‘ going rogue ’ and working around IT . The solution needs to take into consideration :
• Usability : Consumer Apps have set a high standard for users , which in turn has created the expectation that cloud apps in the enterprise will match that experience and enhance , not hinder , productivity .
• Privacy : Employees have not only an expectation , but a right to privacy . Gone are the days when it was acceptable for IT to capture personal traffic in the security net .
• Mobility : Employees want to have the latest devices and access corporate data and corporate SaaS applications without restriction – even if their employer doesn ’ t own or manage their devices .
What to look for in a CASB
While enabling mobility is often a benefit to productivity , SaaS applications also make data access much easier , which can pose a threat to security . A complete CASB must close this gap by protecting data-at-rest and data-in-motion across all devices . Cloud , mobile , discovery and
20 | March 2017