We’re in a cloud and mobile-first world, where people access multiple devices from any location. Security and privacy programs must accommodate data that recognizes no perimeter.
We offer best-of-breed technology to safely enable the growing use of cloud-based services within organizations. Gartner calls this category cloud access security brokers, or CASBs (“caz-bees”). CASB use cases include combating shadow IT, extending DLP policies to core sanctioned apps, and unifying control of SaaS, IaaS and web app traffic through a single gateway.
Once you understand your traffic, apply enhanced encryption, detect malware and other threats, and identify anomalous activity that’s worthy of closer inspection.
CASBs assess the risks that are unique to cloud-based vendors, measuring each app on a 1 to 100 point scale of enterprise readiness. Once you understand the usage of all these cloud services, you can optimize that activity, directing employees to fewer but less risky ones, potentially at lower cost and on better terms.
Let’s start by creating your Cloud Risk Assessment report that shows you all the cloud-based services within your network and the riskiness of each one.
Shine a spotlight on Shadow IT
Shadow IT is an organizational behavior characterized by an employee’s use of technology without explicit permission from corporate IT, Procurement, or some other authority figure. Shadow IT is associated with innovation, speed and agility within a line of business, but it also creates security and privacy compliance issues that must be managed to guard against malware, malicious leakage of company data, theft of user credentials, and breaches of regulatory compliance. No vendor inventory is complete without the kind of visibility and control that only a CASB can provide.
The tremendous growth in the number of cloud-based services used in the corporate environment has created a huge opportunity for companies to realize the benefits of optimization. The procurement and management of these services tends not to be well coordinated or centrally managed. We can work with you to realize economies of scale by consolidating separate subscriptions and identifying dormant activity that generates cost for your company, among many other optimization techniques. In addition, we can help you find ways to achieve most favored clauses on numerous terms and conditions in your contracts with cloud-based service vendors.
Extend DLP policies to core sanctioned apps.
For many companies, Office 365 represents the first major, sanctioned use of a cloud-based application. If your company uses Office 365, Salesforce.com, Box, ServiceNow, NetSuite, Workday, or any other sanctioned SaaS application, we can coach your employees to use them responsibly and give you the critical visibility and control over that activity.
Combine web and cloud app gateways.
It no longer makes sense to monitor web and cloud app traffic separately. Enforce a unified policy with a single gateway.
C’mon, get sassy.
The CASB category has evolved into a broader category that Gartner calls secure access service edge (SASE, pronounced “sassy”). SASE provides a robust, global, zero trust, post-Internet network that enables any device, anywhere, to safely connect directly with SaaS apps. SASE optimizes data traffic flow so, for example, an employee using their laptop on the road might connect to an app directly, without having to hairpin through the corporate network. SASE is displacing conventional VPNs.