Discovery Beyond Shadow IT
In Part 3 we learned about Bitglass’ unique capabilities that protect your data in real-time, end-to-end. While in-band security is critical, CASBs aim to provide comprehensive data protection, which includes out-of-band threats. Bitglass’ Breach Discovery solution goes a step beyond identifying Shadow IT apps by detecting all data exfiltration threats, including malware hosts, anonymizers, TOR networks and phishing domains.
Bitglass Breach Discovery, like the broader CASB solution, is easy to deploy and works by analyzing firewall or proxy logs to identify high risk traffic and activities. Logs can be manually uploaded or streamed via syslog. Discovery reports leverage over 60 industry threat feeds from FS-ISAC, VIrusTotal, and Cloud Security Alliance, as well proprietary risk datasets. Cloud apps are ranked and given a risk score based on capabilities (encryption, external sharing etc), compliance (SOC, HIPAA, etc), and other attributes. Other sites, phishing domains for example, are given a risk ranking based on our proprietary risk datasets and industry threat feeds. This allows Bitglass to provide a complete and holistic view of all potential exfiltration threats.
Bitglass Breach Discovery, when used alongside the core CASB capabilities covered in Parts 1 and 2, provide complete data security across your entire infrastructure. The key takeaway here is the importance of in-band and out-of-band security that can protect data and uncover exfiltration threats from unknown sources.
CASBs are built to offer comprehensive protection across applications, but can they hold up when deployed at scale? How are they architected and how easily can they scale? As in sports, the most important ability is availability. In the final part of this series, learn about the advantages and disadvantages of competing CASB architectures, including reliability and flexibility.