Cloud Access Security Brokers (CASB) are placed between cloud service consumers and cloud service providers to support continuous visibility, compliance, threat protection, and security for cloud services. They act as a security policy enforcement point for Cloud-based Services (primarily SaaS).
Common Use Cases
-> Govern Shadow IT – Discovery, Risk Profiling and Policy Enforcement of Unauthorised Cloud Apps Usage
-> Single Point of Policy Enforcement for SaaS Apps – DLP, IAM, Encryption etc.
-> Security Monitoring
Configuration Monitoring and Management
Access Control – Who had access to what (Internal & External stakeholders)
SaaS Application ownership, control – Who are the admins, business owner(s)
-> Demonstrate Compliance – PCI DSS, ISO, HIPAA etc.
-> Threat Protection
-> Cloud Spend Optimization
Eliminate redundant applications (E.g.: Dropbox and Box)
Dormant accounts / Ex-Employee accounts
Key Program Metrics:
High Risk Cloud Apps Discovered :
Number of High Risk Cloud Apps Detected based on Risk classification parameters
# of Redundant Cloud Apps Eliminated :
Number of duplicate / redundant cloud apps eliminated based on app discovery and use case. E.g.: File Storage consolidated to 1 from 4 (Google Drive, SkyDrive, Box and Dropbox)
Incidents Detected :
How many incidents were detected related to cloud apps usage
Cloud Apps Authorized / Unauthorized :
Ratio of Authorized vs Unauthorized Cloud-Apps in use
Do let me know if you want us to add or modify any of the listed key use cases.
Check out the Cloud Access Security Brokers (CASB) market within FireCompass to get more information on these markets.