Next-Gen CASB Blog

More and more cloud apps are arising every day, creating a massive SaaS tidal wave. These apps can offer increased efficiency for their users, expose data to malicious hackers, and be used by employees looking to steal data. Regardless of the motive behind using it, shadow IT causes the enterprise to lose visibility and control over where its data is going and who is accessing it. As such, organizations cannot stand idly by as their data slips through their fingers; rather, they must find a way to ride the ever-growing wave of SaaS apps.

Using shadow IT discovery is a great way to identify data leakage – but how can organizations be certain that it is effective? First-generation cloud access security brokers (CASBs) rely on manually curating lists of cloud apps in order to enable shadow IT discovery. Each app must be individually evaluated so that its level of risk can be identified. It must also be tied to domains and IP addresses so that it can be detected in network or proxy logs. Unfortunately, there are so many apps in existence that it is impossible to gather all of the necessary information manually. However, the Next-Gen CASB is automating this process to keep up with the ever-expanding number of cloud apps.

The CASBmarket started out with a fistful of companies five years ago.  Now there are just a couple left. What happened?

Shadow IT refers to the unsanctioned applications used by employees who disregard IT's app approval processes. By definition, this means that IT departments lack complete visibility into what is being used to store and process data. This invites risks like data exfiltration from malicious insiders, upload of sensitive data to unsecured cloud apps by careless employees, and more – all without IT’s knowledge.