In the past, all the applications used by an organization reside in on-premise servers inside their data centers. IT departments can securely store company data and monitor its transmission. Later on, when companies started adopting cloud solutions, IT departments realized that employees are accessing services both approved and unapproved using devices issued by the company as well as their own. To address the security of data content stored in multiple places including the cloud, and data movement across users, devices, applications, and private and public networks, a cloud access security broker (CASB) has become a vital component of modern IT infrastructure.
What is a cloud access security broker (CASB)?
A CASB is a broker or intermediary between cloud users and cloud applications. These were previously network appliances, but today are software applications that are located inside the network or as cloud-native applications. Cloud access security broker can deliver management features only, such as monitoring and mitigation. Some offer CASB security only, which is prevention of high risk events. Some CASB tools offer multi-mode or a combination of security and management features. Cloud access security brokers can be deployed as an API-only tool or as a proxy, located between the user and the cloud.
Features and benefits of CASB
CASB solutions provide monitoring and management features to deliver specific benefits, also called the four pillars of cloud access security brokers:
- Visibility – provide comprehensive visibility into which cloud services are being used, who is using them, what is being sent or stored, and which policies are being followed.
- Compliance – provide reporting to determine the areas of highest risk in terms of compliance.
- Data security – enforce data security policies such as access control, sharing restriction, encryption, and enhanced authentication.
- Threat protection – with integration to other cybersecurity products, it can compile usage patterns and help detect and remediate theft and unauthorized access or block malware.
CASB software continues to add more capabilities as the number of cloud apps and ways to access them also continue to grow.
Best CASB software solutions & vendors for 2021
CASB vendors explain that cloud access security brokers are now essential in any modern cybersecurity strategy. They can help discover all cloud apps and resources used in the organization to spot shadow IT operations. Risky apps can be identified and access to them revoked. The best CASB can also help identify compromised user accounts while enforcing data loss prevention (DLP) policies to data in cloud apps. Here are our list of top CASB solutions in no particular order.
Palo Alto Networks
Palo Alto Networks offers Prisma products to help an enterprise secure its data and applications. Prisma SaaS provides advanced data protection and consistency across applications to minimize the increased risks of data exposure, breaches, and noncompliance. Features include risk discovery, DLP, compliance assurance, data governance, user behavior monitoring, and advanced threat protection. Another product, Prisma Access, offers secure access service edge (SASE) which provides networking and security in cloud-delivered infrastructure.
Broadcom Symantec
Broadcom Symantec’s CloudSOC CASB helps companies using SaaS, PaaS, and IaaS platforms to stay secure and compliant. It has automated cloud-activity intelligence and machine learning that can trigger policy responses, create risk diagnoses, and free up IT resources. Other features include the ability to monitor thousands of server-side and mobile cloud apps, DLP with automated data classification, user behavior analytics, multi-mode oversight using APIs, real-time traffic processing, and input from data feeds.
Proofpoint
Proofpoint CASB provides cloud data protection to secure applications such as Microsoft 365, G Suite, Box, and others. It protects users of cloud apps from threats, data loss, and compliance risks by providing granular visibility into users and data at risk. Users gain insight of the usage at a global, app, and user level. They can identify which SaaS files are at risk while dashboards allow them to check suspicious logins, activity, and DLP alerts.
Forcepoint
Forcepoint CASB is a security solution for gaining visibility into shadow IT in the company. It identifies and categorizes cloud apps that have access risks and pinpoints which services should be monitored and which ones should be allowed. The CASB software can also prevent accounts from getting compromised with features such as machine learning and UEBA to establish behavior and calculate risks. Other features include enforcing unique access and security policies on both managed and BYOD devices, DLP integration, file sharing controls, and intelligent threat detection.
Netskope
Netskope is a CASB security provider that enable companies to adopt cloud applications and services without sacrificing security. The software solution allows users to quickly identify cloud applications and manage their usage, whether the apps are approved or unapproved. It helps prevent sensitive data from leaking out accidentally or intentionally. Some of the cloud apps and services it protects are Box, Dropbox, Egnyte, G Suite, Microsoft 365, Microsoft Teams, Salesforce, ServiceNow, Slack, and Workplace.
Fortinet
FortiCASB is a cloud-native SaaS solution designed to provide organizations the four pillars of visibility, compliance, data security, and threat protection capabilities. Reporting tools provide users insight into resources, users, behaviors, and data stored in the cloud. It is an API-based CASB with direct access to cloud data for on-network and remote protection. Other features include customizable DLP tools, predefined compliance reporting options, policies and configuration assessments, integrated antivirus and sandbox, and advanced analytics.
McAfee
In January 2018, McAfee acquired Skyhigh Networks, a leading provider of CASB tools. McAfee now offers MVISION Cloud to help protect enterprise data and users of cloud services. The cloud-native solution provides users visibility into their data, context, and user behavior across cloud services and devices. They have better control to correct policy violations and stop security threats. Companies are able to protect sensitive information in various apps such as Microsoft 365, AWS, Box, Salesforce, Azure, Slack, ServiceNow, Dropbox, Google Drive, and Workday.
Cisco
Cisco Cloudlock is a cloud-native CASB software that protects cloud users, data, and apps. It uses API to manage risks present in an organization’s cloud app environment. Advanced machine learning algorithms detect anomalies and identify activities. DLP technology continuously monitors the cloud to detect and protect sensitive information with ready-to-use and custom policies. The solution also includes an app firewall that discovers and controls connected cloud apps.
Oracle
Oracle CASB automatically detects threats with real-time threat intelligence feeds and machine learning techniques. Predictive analytics help identify threats by evaluating risks and providing a summary of potential threats. Simplified monitoring and automated remediation allow IT admins to manage security configurations without the manual process and labor. Other features include secure provisioning, comprehensive monitoring, and access denial for risky users. Overall, its CASB software detect threats and protect users, while enabling admins to configure and monitor apps securedly.
Microsoft
Microsoft Cloud App Security is an integrated CASB tool that allows organizations to streamline their cloud access security, manage access to resources, and enable secure remote work with real-time controls. Cloud App Security uses analytics to identify and combat cyberthreats. It is powered by native integrations coming from security and identity solutions such as Azure AD, Intune, and Azure Information Protection. Users can discover and control cloud apps and services, protect the exposure of sensitive information, detect unusual behavior across cloud apps, and assess their compliance.
