The CASB Knows: Lifting the Cloud App Visibility Fog

A cloud access security broker (CASB) can provide increased intelligence and insights into your employees’ cloud app usage. The CASB knows what cloud apps are being accessed, who is using them and the risk levels associated with this usage.

Like it or not, you’re living in a cloud-centric world. The use of cloud-hosted applications is growing as organizations and employees take advantage of the efficiencies they offer, such as cross-platform data access, user collaboration and independence from local software installation.

If you haven’t embraced the cloud, it’s time to do so. According to one study, as many as 88 percent of organizations now use public clouds, while 63 percent use private clouds. When clouds are done right, both IT departments and employees benefit.

When the Cloud Becomes a Fog

With this kind of growth, it’s not surprising that many of today’s empowered, always-connected employees thrive on the cloud. To increase efficiency, they continuously seek out and use cloud apps in the course of their jobs. After all, this matches how they use computers and mobile devices in other contexts.

The cloud is convenient, flexible and effective. But many security teams and employees know very little about the security of cloud-based apps or how they’re being used.

Some cloud-based apps may be legitimate and helpful, or at least harmless. Well-meaning employees may be using the best tools they know of. But the use of apps and services that have not been approved by the enterprise creates a parallel computing environment known as shadow IT. This complicates things for system stakeholders and security specialists.

Spotlight on Shadow IT

It’s important to find out how shadow IT impacts your enterprise and how to rein it in. Where is data really moving? Does opening a connection to a new cloud service expose more data than it should? When you don’t have visibility into cloud usage, it’s hard to know its potential ramifications, good or bad.

Paradoxically, the low cost and easy access of the cloud have placed cloud security issues at the top of virtually everyone’s list of shadow IT challenges. You can’t protect what you can’t see, and that holds especially true with cloud security threats. If you don’t have visibility into your employees’ use of cloud-based apps, you can’t take steps to protect the enterprise.

The greatest challenge is managing the use of cloud-based apps to benefit your employees as well as your organization.

Policing Cloud App Use

Visibility is key, but cloud-based apps operate outside your network boundaries. Short of scrutinizing every network packet, you may be missing more than you see.

The proliferation of mobile devices that operate on or outside of your network also makes policing app use trickier. You need to be able to identify employee app usage patterns and take steps to secure them.

Most employees have good intent: They just want to do their jobs as efficiently as possible. Many don’t understand, however, that the path of least resistance may be jeopardizing enterprise security.

You can take three easy steps to help ensure secure cloud use:

  • Detect: Identify risky behavior to understand the status quo.
  • Connect: Provide sanctioned paths to cloud-based software and clearly defined usage roles.
  • Protect: Manage compliance so employees have clear policies and secure access to the software they need.

The CASB Knows

Luckily, there are ready-made cloud security solutions to solve the problem of unmanaged or poorly managed cloud app access. CASBs help document, control and safeguard the use of cloud-based software.

A CASB can provide critical insights into your organization’s use of apps and services. Instead of just knowing (or not knowing) that your employees are using cloud-based services, a CASB-equipped enterprise can see exactly what services, sanctioned or unsanctioned, are being used. That’s important for business planning as well as security and compliance efforts.

Read the Gartner Report: How to Evaluate and Operate a Cloud Access Security Broker

Contributor'photo

Mark Campbell

Portfolio Marketing Manager for Cloud Security, IBM

Mark has a robust background in many roles including System Engineering, Product Management and Product Marketing. He...