Jump to content

Cloud access security broker

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by JJMC89 (talk | contribs) at 03:16, 23 June 2017 (ce). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.
  • Comment: This is ready to be accepted. I have contacted Kudpung to get protect creation removed. ~Kvng (talk) 15:26, 22 June 2017 (UTC)

A Cloud Access Security Broker (CASB) is a system working between cloud service users and cloud applications to monitor all activity and enforce security policies.[1] A CASB can offer a variety of services, including but not limited to monitoring every action of the users, warning administrators on specific actions that are seen as potentially hazardous, enforcing compliance to security policies and taking automatic actions for malware prevention.

Types

A CASB can be offered as a one of two major architectural paradigms.

A perimeter/agent-centric CASB is deployed as a gateway between cloud applications and the on-premises system. It is intrusive and focuses on prevention and access control. However it can have a high impact on performance and difficulty in scaling which also result in a limited coverage [2]

An API-centric CASB uses direct API to the cloud services. It is fast, non-intrusive and focuses on detecting, analysing, managing and preventing user activity. It may not allow real-time blocking, but benefits from cloud technology scalability and speed and can seamlessly integrates with major cloud applications.[2]

Common features

Discovery

A CASB that has access to the firewall logs of a system's network can provide details on the unsanctioned and sanctioned applications that the users use. In that manner, an administrator can know whether someone is using applications or websites that can be dangerous to the security of the system, their authentication data or the organization's resources.

Security

CASBs usually provide several tools and automated controls, with which an administrator can enforce security policies to applications, regarding identity management, applications, content and infrastructure.

Monitoring

A CASB is also using firewall logs to monitor user and application security activity and provide detailed reports. The variety of these reports depends on the CASB vendor and the architecture.

Incident response

Some CASB vendors also support automatic responses to threats or user misbehaviour. These responses can be as simple as a detailed notification to an administrative team to remediation of the threat by blocking access or enforcing policies.

References

  1. ^ "Cloud Access Security Brokers (CASBs)". Gartner. Retrieved 16 May 2017.
  2. ^ a b Gleason, Micheal. "Selling Snake Oil: What Proxy and Gateway CASB Vendors Won't Tell You". CloudLock (Blog). Cisco. Retrieved 16 May 2017.
Retrieved from "https://en.wikipedia.org/w/index.php?title=Cloud_access_security_broker&oldid=787047030"