<img src="//pixel.quantserve.com/pixel/p-_JKXxuL8SR7wu.gif?labels=_fp.event.Default" style="display: none;" border="0" height="1" width="1" alt="Quantcast">
blog-banner.jpg

Next-Gen CASB Blog

the ultimate trojan horse?

By Nat Kausik | June 22, 2016 at 10:36 AM

trojan-horse.jpg

Last week we deployed the Bitglass CASB in a production pilot at a Fortune 100 financial services company.  Very sophisticated security team that paid attention to detail.   

They were particularly paranoid about any software that we installed in their network that "synced" data to our cloud service.    The item of discussion was the agent required to stream proxy logs for our Breach Discovery system. The security team told us that they would not accept any proprietary virtual appliances that streamed data outside the firewall.  Such a virtual appliance is the ultimate trojan horse - a hack of the virtual appliance would be impossible to detect and lead to a huge data breach unchecked.  No worries!   We had already crossed this bridge at other customers.  Bitglass uses Syslog NG, the hardened open source system that is vetted and pounded the world over for vulnerabilities and Trojans.  Syslog NG is on the "approved" list at many FiServe giants and is widely used for other purposes. Security-sensitive enterprises favor open-source software for their hardened standards based security.

When choosing a Cloud Access Security Broker, make sure the cure is not worse than the disease.  Beware CASBs that package trojan horses as virtual appliances for streaming logs, or those that suffer phishing risks inherent in proprietary architectures.