For most small businesses reading this article, I’ve lost them with the headline. A Cloud Access Security Broker (CASB) is likely to be something they’ve never heard of, let alone considered. Yet more small businesses are becoming Cloud-friendly, especially with their adoption of Software as a Service applications. Funny thing is, some security-focused IT professionals would never consider using Cloud services without a CASB.
I had the pleasure of spending some time with a company called Forcepoint, in Austin, Texas, as a Tech Field Day delegate. David Coffey (VP Research & Development) says “How do you secure things that you don’t own or manage?” IT Pros understand that challenge. Traditionally we’ve focused on securing the devices that you use and the networks that you access. We’ve put firewalls between your PC and the Internet and we’ve prevented you from using random USB sticks. Today’s challenge for IT is ensuring security from your iPad in an airport lounge, to corporate data in the Cloud.
The problem is that many small businesses don’t understand why that challenge even exists.
They rely on the Cloud provider to be secure. They rely on their staff to not click on dodgy links. They rely on their anti-virus software and their backups and that’s often where their security stops. They often don’t enforce any password change period (especially with SaaS apps), they hate the inconvenience of Two Factor Authentication and they often share accounts and passwords between staff. If you’re a small business who is more security-savvy than this, congratulations, but you are in the minority.
So, the challenge for small businesses then becomes “Why do I need to secure things that I don’t own or manage?”
And the answer is … because those things have access to your information and you have no idea what’s happening to your data. Jim Bermingham from Forcepoint added that 32% of organisations have no capability to prevent or deter an insider attack. Yup, that’s something dodgy happening from someone inside your organisation, who you trust. And it may not be that they are disgruntled and gone rogue on you – it could be a nasty piece of malware software that’s gotten onto their device (you know, the home laptop you don’t control) and has latched on to their login credentials. Have I scared you enough yet?
Enter the Cloud Access Security Broker. This optional but oh so important piece of technology sits between Cloud services and their users, regardless of their device or location. It can enforce security policies (like the device being used must be running a modern operating system). It can block other applications from being able to access your Cloud apps (like another file storage service that you don’t use, to prevent employees copying files to a personal account).
And with this access, the CASB can give you visibility of Cloud access & activities, including where your information is going. If you don’t think that’s a threat, consider that the applications we authorise to connect via Facebook are using that API to read and use our Facebook data, and the world is currently a little upset about how much access they have (even if we’ve authorised it). Many of your favourite SaaS applications also have a great API for connecting services, yet little or no in-built reporting tools to tell admins exactly which services the users have connected. And these are the apps that contain our corporate data.
Forcepoint’s CASB product highlights our top high risk users, across different Cloud services. It shows number of application access requests, usage trends and data volumes in and out. The magic in the data is monitoring and flagging the anomalies. I don’t care if a staff members downloads large volumes of data from a Cloud app, if that’s their role. If it’s not their role and there’s a sudden increase in how much they are downloading (especially if it’s downloading to their home), then I might care. I’d certainly want to know about it.
And to complement their product portfolio, Forcepoint’s CASB also integrates with their Web Security Gateway and their data classification and data loss prevention capabilities. It’s so nice to see a “configure once” approach to securing data, regardless of how or where the users are storing or sharing it.
As well as keeping up with any changes made by the Cloud vendors, Forcepoint have a strong team monitoring and responding to the current threat landscape. That alone is a great reason to take on a partnership with a security vendor, outside of your own busy IT resources.
The Cloud has made it easier and more affordable for small businesses to use some amazing technical capabilities. So much so, that the Cloud is becoming the first port of call when the business goes out and looks for a solution. Unfortunately, this can be and is being taken advantage of, especially when the bad guys know that IT has no visibility of the movement of data. I’m not sure if we just need the market to mature more, or if enough small businesses need to get hit, before products like CASB become as accepted as anti-virus software.
To learn more about Forecepoint CASB visit Forcepoint CASB Overview or watch the Tech Field Day 16 video Forcepoint Cloud Application Security Broker and Web Security with David Coffey
I attended Forcepoint’s presentation in Austin, Texas as a delegate of Tech Field Day, where my travel expenses were paid for, however I have not been paid to write this post.