Hello and welcome to another Glass Class. Today we'll be talking about the difference between secure web gateways and cloud access security brokers, and which solution is right for you if you're looking to protect data in a cloud application like Office 365, Box, Slack, or an infrastructure as a service application like AWS or Azure.
When you're thinking about how to protect your data and what are the best solutions for data protection, a lot of organizations are concerned about visibility, identifying which applications are being used by employees, and how to protect data as it moves to those applications. A secure web gateway can be a great solution for managed devices and devices on the corporate network. With URL filtering, you can identify risky destinations. You have a lot of visibility and logging capabilities with a secure web gateway; but, when it comes to BYO devices, like a personal iPhone X, organizations have no control over what data is transmitted to those devices and don't have any visibility over data once it's on that device.
A cloud access security broker is a little different. It can monitor traffic as it goes down to any device, whether it's a managed or unmanaged device. It can distinguish between these different device types and have different policies applied to data based on the access context. So with a cloud access security broker, if an employee is accessing data from a personal iPhone, for example, they can access any cloud application, whether it's Office 365 or a corporate Dropbox account (or what have you), and have that data be protected no matter where it goes. Once it is downloaded, you still have control over that data.
That's secure web gateways and CASBs in a nutshell. Thanks for watching Glass Class.