This is post #2 in our series on Cloud Access Security Brokers (Post #1).
In this post, we're exploring why we even need a CASB to begin with? After all, aren't the cloud apps vendors doing everything possible to secure their apps, lest their potential customers run at full speed back to the comfort and familiarity of apps running on physical servers that they can see and touch?
It’s the job of SaaS application providers to ensure that their products are as secure as possible. After all, they’re asking enterprises to trust them with their data, which is highly valuable. Many SaaS vendors hire the best and the brightest in IT Security, and buy the best security products in order to ensure the security of their customers’ data. Through these efforts, most app vendors are focused on preventing breaches into their infrastructure—things like denial of service attacks, malware outbreaks and widespread data exfiltration events. These are the types of security events that land the cloud app vendor on the front page of the Wall Street Journal, and have a severe negative impact on their business.
There’s another set of security risks that the cloud app vendors are less concerned with, the types of risks that land YOU on the front page of the Wall Street Journal, putting your company and your job at risk. These risks revolve leakage of sensitive corporate data. When sensitive data stored in SaaS apps is not properly controlled, the result can be inadvertent or malicious leakage of company data, theft of user credentials, regulatory compliance failure, and worse. These types of risks are outside of the control of the SaaS application provide and require you to enforce contextual access control policies on your users. In short, securing your data against such risks is your responsibility.
Effectively, the cloud app vendor is protecting against attacks that target the application and the underlying network infrastructure. What you need to protect against are attacks that target the data and your users.
To help provide more color on what CASBs do, we have created The Definitive Guide to Cloud Access Security Brokers. We're providing the entire document via a series of posts on this blog. Of course, if you prefer to binge read your Definitive Guides much like you binge watched Breaking Bad on Netflix, you can download the whole thing immediately, right here.