Mobile devices and cloud-based computing makes businesses more productive, agile and innovative. But all of that technology comes with a cost – securing devices and applications outside of your company’s datacenter that access stored sensitive date in cloud applications.
Two of the biggest concerns are:
- How to secure SaaS applications that a company does not own?
- How to protect against intentional or unintentional data leaks on mobile and cloud applications – including personal devices?
The Scope of the Issue
To provide a scope of just how big a problem this has become, here are some facts:
- On average, a typical large company may use 600 to 1,000 SaaS applications
- 87 billion mobile workers are scattered across the globe
- 87% of companies rely on their employees having access to mobile business applications – many using their own personal devices
- 59% of organizations have a Bring Your Own Device (BYOD) policy
Most cloud providers only manage their own infrastructure security leaving its customers to provide their own layer of security to secure their own data and control their user activities. While securing the data is the easy part, controlling user behavior, access, and compliance with company security policies is much more difficult – most while using personally-owned non-company devices.
Cloud Access Security Brokers (CASBs)
Because of the gap in security between the cloud providers and cloud users, many organizations are turning to CASBs for solutions. These act as a second line of defense between the two entities. Right now in 2022, around 66% of enterprise businesses are using some type of CASB support; that’s up from 20% as of the end of 2018.
A robust CASB program will give a company insight into how their people are using cloud-based applications and if they are engaging in high-risk activities – intentional or otherwise. Once these activities are known, policies and training for users, and controls for devices and assessing cloud applications can be put in place to help mitigate the risk of a cyber-attack.
Key Benefits of a CASB
There are five basic benefits:
- Assessment and management – Provide visibility into cloud applications giving a company a picture of their cloud activity and any security measures that should be adopted
- Usage Control – Companies can limit or allow access based on an employee’s location or status along with controlling specific activities, services and applications
- Data Loss Prevention – Enables policies to prevent unauthorized sharing of sensitive information
- Risk Visibility – Allow risk assessment of unsanctioned applications and control access based on that risk
- Threat Prevention – Detects unusual behavior, identifies ransomware, compromised users and rouge applications. Analyze high risk applications and automatically remediate threats.
Employing a CASB is a practical solution that goes a long way to securing a mobile workforce. Not only does it provide visibility of metrics, such as usage and devices, but also security solutions to mitigate risk from cybersecurity threats and actual attacks. While incorporating a CASB is expensive, it is still far cheaper than the cost of recovering from a cybersecurity attack.