The cloud security solutions market is growing rapidly and there are many types of solutions to support your specific business needs. But figuring out the right tool, let alone the right type of tool, can be difficult. Gartner has 5 security archetypes that fall under the broader cloud security management platform umbrella. This article gives a quick look into the CASB archetype:
- Cloud Access Security Broker (CASB)
- Cloud Workload Protection Platform (CWPP) ,
- Cloud Security Posture Management (CSPM),
- Cloud Infrastructure Entitlement Management (CIEM), and
- Cloud-Native Application Protection Platform (CNAPP).
What Is It?
CASBs are on-premises or cloud-based security policy enforcement points, placed between cloud service consumers and cloud service providers (CSPs) to combine and interject enterprise security policies as the cloud-based resources are accessed. CASBs consolidate multiple types of security policy enforcement. Example security policies include authentication, single sign-on, authorization, credential mapping, device profiling, encryption, tokenization, logging, alerting, malware detection/prevention, etc.
In What Context Is It Best Used?
According to Gartner, CASBs are most effective on SaaS deployments for single and multi-cloud implementations. CASBs are also somewhat effective in mixed deployments.
Benefits and Limitations
- Good visibility.
- Good detection. Capable of detecting unsanctioned cloud applications (“shadow IT”) and as well as sensitive data in transit.
- Rich data. By its nature of controlling users’ access to cloud SaaS applications, CASBs can produce rich audit logs with events related to the users’ behavior using the applications.
- Lack automated action. While CASBs can provide great data and information, they do not have the capacity to take automated action to remediate potential threats. This could be a concern for companies who do not have enough security employees to address the high volume of issues that will need manual intervention.
- Struggle to provide consistent information because of incompatible services across CSPs.
- Struggle to keep up with the pace of adoption of services across CSPs
- CASBs require users to go through a central gateway; therefore, if users access cloud resources outside of this avenue (shadow IT), security teams might be blind to it.
For a deeper dive into Gartner’s cloud security archetypes, read: A Practical Guide to Gartner’s Cloud Security Archetypes.