Leading cloud access security brokers (CASBs) currently provide data protection, threat protection, identity management, and visibility. However, this has not always been the case. Since the inception of the CASB market, cloud access security brokers have offered a variety of tools and undergone a number of evolutions. For organizations to ensure that they are adopting the correct solutions and adequately protecting their data, they must understand the past, present, and future of CASBs.
Agents and APIs
CASBs were originally used primarily for discovery capabilities. Through agents installed on users' devices, CASBs would give organizations information about the unsanctioned cloud applications that were being used to store and process corporate data. Additionally, integrations with application programming interfaces (APIs) were used to exert control over data at rest within sanctioned cloud apps. However, these strategies provided little help with securing unmanaged devices and protecting data at access in real time.
To address the shortcomings of agents and APIs, CASBs with proxies were used to, as the name implies, proxy traffic. By standing between devices and cloud applications, proxies control the flow of data in real time and provide controls to govern data access based on factors like job function. Because proxies take a data-centric approach rather than a device-centric approach, they are even able to secure unmanaged and mobile device access - without the use of agents.
Today, leading CASBs utilize a hybrid or multimode architecture. This means that they offer a combination of proxies and API integrations. In this way, they are able to provide complete protection - APIs secure data at rest in cloud applications, while proxies monitor data at access even for unmanaged and mobile devices. When deployed together, these tools provide advanced capabilities such as malware protection for data at upload, data at download, and data at rest within cloud applications.
The future of security belongs to artifical intelligence (AI). As such, machine learning is already a core component of advanced CASBs like Bitglass. In general, machine learning allows CASBs to make more automated, effective, rapid security decisions than ever before. For example, with user and entity behavior analytics (UEBA), they can recognize suspicious behaviors (logging in to cloud apps from two places at once or downloading unusual amounts of data) and remediate in real time. They can also evaluate unsanctioned apps as they are accessed by employees to determine if they are safe and impose controls around the uploading of data.