Earlier this week we briefed a top 5 US bank on our Zero-Day "Read-Only" security for unmanaged cloud apps. It was love at first sight!
Financial services companies grapple with a common problem. Clients want to transmit documents with business users via consumer file sharing applications such as Box and Dropbox. At the same time, security demands that whilst employees may consume such information, they must be restricted from uploading data to such applications. In short, consumer applications that are permitted but not managed need to be "read-only." Applications such as Box, Dropbox, Facebook, LinkedIn etc all fall into this category.
First-Gen CASBs detect the use of such applications by analyzing firewall logs. While such "ShadowIT Discovery" is useful in detecting data leakage after the fact, it does nothing to prevent leakage.
Next-Gen CASB can make any cloud app "Read-Only." Read Facebook but not post to it. View LinkedIn, but not upload data to it. Likewise file-sharing services such as Box or Dropbox. Zero-Day security, no signatures or configurations to manage, the technology automatically learns and blocks all upload data paths in secured applications.
An ounce of prevention is better than a pound of cure.