Acronyms have become part of our day-to-day life – they are used frequently when texting and speaking, but at other times they’re used as intended – to abbreviate an altogether too long phrase or name. Either way you slice it, CASB is quickly becoming one acronym that you want to know about.
CASB: you may have heard it before – I had, but not in the context of Cloud services! So I took to Google, interested to see what I might come up with. To my surprise, CASB has not one, not two, but at least eleven definitions ranging from the one I’m familiar with – Chartered Accountant School of Business – to Citizens Against Speed Bumps (one that I was definitely not familiar with).
To avoid any confusion before you read further, let me assure you that the CASB I will refer to here stands for Cloud Access Security Broker – I’ll save my opinions about speed bumps for another time.
What Are Cloud Access Security Brokers?
In order to understand the growing importance of Cloud Access Security Brokers, first we must establish what a CASB is and what it is they do. According to Gartner, “Cloud access security brokers (CASBs) are on-premises, or Cloud-based security policy enforcement points, placed between Cloud service consumers and providers to combine and interject enterprise security policies as the Cloud-based resources are accessed.”
They are quickly becoming a necessary security control technology for the Cloud. Acting as a security middleman between the provider and consumer, CASBs consolidate multiple types of security policy enforcement such as authentication, single sign-on, authorization, credential mapping, device profiling, encryption, tokenization, logging, alerting, and malware detection and prevention.
In terms of functionality, Cloud Access Security Brokers offer four key features: visibility, compliance, data security, and threat protection.
- Visibility: Offer enterprises more insight into their users, devices being used, and the data they’re responsible for, and also detect “shadow IT”
- Compliance: Monitor data content to ensure compliance with regulations and security standards such as HIPAA
- Data Security: Create an extra layer of protection by ensuring data is tokenized or encrypted properly, without hindering operation of applications
- Threat Protection: Maintain control over unauthorized users and devices through malware protection, threat intelligence, and anomaly detection
What Do CASBs Do?
Typically, CASBs are put in place to protect against security failures in situations where the customer is at fault. While reputable software-as -a-service (SaaS) providers are great at securing their applications and network infrastructure, users are still accountable to maintain security at their end. Customers need to take their own precautions to secure the data that their Cloud applications are using, as well as the devices and users that access them.
A CASB provides a way to reduce the risk of Cloud security failures that are the customer’s fault.
Why Do Businesses Need CASBs?
With the growing increase in Cloud services adoption, security spending trends are also on the rise and the growing importance of Cloud Access Security Brokers is becoming more and more evident. By 2020, Gartner believes that 95% of Cloud security failures will be the fault of customers rather than service providers – so people are taking the necessary precautions to avoid creating more problems for themselves.
While security is a primary concern of skeptics when it comes to migrating to the Cloud, it remains overlooked all too often. As a result, many – if not most – security failures can be linked back to customer fault as opposed to the onus being on the provider. As businesses continue to rapidly acquire Cloud services, the growing importance of Cloud Access Security Brokers will continue to climb alongside.
Although security integration is a major challenge facing CASBs, it’s also one of the key components they offer. With security being such a prominent concern in the Cloud world, CASBs are becoming a more integral piece of the puzzle; one that is likely to become an essential component of SaaS deployment by 2017, forming the foundation for adaptive security capabilities for the foreseeable future.
The adoption of Cloud services is on the rise, with no projected end in sight. While adoption rates maintain a steady increase, security concerns are still major deterrents to a Cloud migration. The good news is that businesses are willing to put money into protecting their data. In 2016 alone, information security spending is projected to increase substantially, with enterprises noting projections between 12% and 50%.
However, money spent and money well spent are not two sides of the same coin. Businesses must understand the threat that they can pose to themselves if they don’t invest in proper precautions. With this in mind, Gartner predicts that this year, 25% of enterprises will secure access to Cloud-based services using a CASB platform, up from less than 1% in 2012, reducing the cost of securing access by 30%. Further, of those already employing Cloud Access Security Brokers, 17.2% will significantly increase spending on those solutions. CASBs must be doing something right!
By 2020, a predicted 85% of larger enterprises will be employing CASBs, up a staggering 80% from their current standing. Large businesses are recognizing the benefits and the growing importance of Cloud Access Security Brokers, and soon other industries will follow suit.
If you’re interested in learning more about Cloud Access Security Brokers and how they could be used to the advantage of your business, contact our experts at Total Product Marketing today and we’ll be happy to help!