Security "Bits"

Rich Campagna

Rich Campagna

Find me on:

Recent Posts

Cloud Access Security Brokers: 2020

By Rich Campagna  |  February 4, 2019 at 4:56 AM  | 
01095_Your-Life-In-The-Future_Wired_Cover_No-Logo-Post1The biggest cloud security trend in the near term is the rapidly expanding cloud footprint that the typical enterprise must secure. Organizations are quickly moving beyond the core group of 8-10 apps, like Office 365 and Salesforce, that really defined the first few years of the enterprise cloud. While those apps are still a major part of the enterprise cloud footprint, it is now common to see organizations looking to protect longer tail SaaS apps, as well as packaged software and custom apps hosted on IaaS/PaaS platforms. The de facto security standard used to secure these applications is a Cloud Access Security Broker (CASB). 
Read More

The New Outlook: AJAX-VM

By Rich Campagna  |  January 31, 2019 at 8:22 AM  | 

Screen Shot 2019-01-31 at 8.09.26 AMWaking up in the morning to the surprise of a freshly redesigned cloud application is the tiniest little bit like Christmas morning (yes, I know we're past Christmas, but I'm running with this anyway). You first notice a new font, color scheme, maybe even a new menu or icons. The anticipation builds - what new features are in store for me today? Improved search? Yes, please! Easier scheduling? Finally! 



Read More

Office 365 Security Licensing and Pricing - 2019 Edition

By Rich Campagna  |  January 7, 2019 at 4:54 AM  | 

Office_365_logoIn late 2017, I wrote a post, Office 365 Security Licensing Demystified, to help clarify the dizzying array of cloud security licensing options available from Microsoft, and how those options compare in both price and functionality to the Bitglass Next-Gen Cloud Access Security Broker. Both vendors have continued to develop their offerings, adding new features and functions, so this comprehensive update reflects those changes over the past year.

Read More

Rocks, Pebbles, Shadow IT

By Rich Campagna  |  December 11, 2018 at 1:25 PM  | 

Selection of stones used in constructionWay back in 2013/14, Cloud Access Security Brokers (CASBs) were first deployed to identify Shadow IT, or unsanctioned cloud applications. At the time, the prevailing mindset amongst security professionals was that cloud was bad, and discovering Shadow IT was viewed as the first step towards stopping the spread of cloud in their organization.

Flash forward just a few short years and the vast majority of enterprises have done a complete 180º with regards to cloud, embracing an ever increasing number of "sanctioned" cloud apps. As a result, the majority of CASB deployments today are focused on real-time data protection for sanctioned applications - typically starting with System of Record applications that handle wide swaths of critical data (think Office 365, Salesforce, etc). Shadow IT discovery, while still important, is almost never the main driver in the CASB decision making process.

Read More


see all