CASB: An Integral Part of Network Security
Versa Networks
April 18, 2022
It’s never been easier to launch a cloud service; or to consume such a service. No-friction SaaS applications compete on features because no central network planning or sales cycle is required any longer. Often SaaS applications are sold into a team or a department. Other applications—Dropbox, OneDrive—are picked up by users simply because they significantly enhance worker productivity. Central IT often has no knowledge that these applications are used, how they’re used, or by whom.
Traditional perimeter firewalls protect applications and data stored within your on-prem network. FWs additionally filter applications and URLs accessed outside the enterprise. But data stored outside the enterprise, or what users do while inside sanctioned cloud applications exist entirely outside the FW’s purview, creating a gaping security hole.
Every cloud vendor is not equal: there are public cloud vendors (IaaS, PaaS) such as AWS where you control the software and the data. There are SaaS cloud-application vendors such as Office365 where they control the software and you have some visibility into, and control of, the data. And there are Internet vendors like Dropbox where they control the software and the data. These all come with unique security concerns.
CASB solutions let you regain control over this proliferating and varied cloud environment, allowing you to leverage the business benefits while at the same time eliminating the security holes. CASB offers fine-grained visibility and control over cloud-based applications, data (both data-at-rest and data-in-motion), as well as the users of these applications and data.
Join Rahul Vaidya, Senior Product Manager at Versa Networks, in this webinar for an illuminating discussion of why, where and how CASB fits into the suite of cloud security solutions your network must have. Rahul covers several use cases in detail, diving into how CASB secures your intellectual property, sensitive data, application and user behaviors. He discusses the four main service areas covered by CASB:
- Visibility: shadow IT discovery, daily updated cloud-application risk ratings, data uploads and downloads, user behavior governed by policies
- Data Security: detects misconfigurations, data identification and tagging, data leakage prevention, data encryption and tokenization, policies governing BYOD, data scanning and conversion capability for different document formats, policies governing personal vs. corporate (users and devices) use of cloud-applications
- Compliance: API-based integration to scan and remediate data, data upload monitoring, auditing and reporting, auto-remediation, enforcement of predefined data access and viewing policies
- Threat protection: user and behavior analytics, malware protection via API-based scanning, integration with enterprise identity and authentication methods and policies
