CASB – cloud access security broker
A cloud access security broker, or CASB, is a type of software developed to help IT departments monitor cloud access and usage by employees and partners. CASBs are deployed to help ensure the company’s cloud services are used securely and properly.
CASBs burst onto the scene in the last few years and have enjoyed significant growth as the cloud market has taken off as well. An October 2018 Gartner report reveals about one in five large enterprises are currently deploying a cloud access security broker to control or govern one or more of its cloud services.
How CASBs Operate
CASBs are deployed either directly on-premises or in the cloud, and are interjected between the corporation’s cloud services and customers accessing these services through the cloud. Cloud access security brokers enforce security policies for customers and handle security functionality like authentication and authorization, encryption, logging and alerting, malware detection and prevention and more.
Whether set up on premises or in the cloud, CASBs are deployed either as a reverse proxy, a forward proxy, or in an “API mode,” with many “multimode” CASBs on the market today offering the ability to choose between these three modes.
Reverse Proxy vs. Forward Proxy vs. API Mode
In the reverse proxy mode, cloud access security brokers can manage user-owned devices without the need for configuration changes or special certificate installation, whereas forward proxies funnel all traffic from managed endpoints directly through the CASB. User-owned devices may not be under the management of CASB control with the forward proxy mode though.
One drawback with both proxy modes of CASBs is that they present a single point of failure, creating the possibility for all of an enterprise’s cloud services to be compromised by a DDoS attack.
In the third method, the CASB doesn’t operate in the data path to the cloud, which keeps it from being a single point of failure. However, not all cloud services offer API support at this time, which frequently creates the need to deploy one of the proxy modes as well.
Leading Cloud Access Security Broker Vendors
Some of the leading cloud access security broker vendors today include Forcepoint CASB, Microsoft Cloud App Security, Cisco Cloudlock, McAfee MVISION Cloud (formerly McAfee Skyhigh Security Cloud), Bitglass Cloud Security, and Netskope.