cStor Recognized with Elite 2016 CRN Triple Crown The Eternal Shift in the Data Center

The Raw Truth About Securing the Cloud and How Cloud Access Security Brokers Can Help

Share

cloudSECURITYThe Raw Truth About Securing the Cloud and How Cloud Access Security Brokers Can Help

by Gregory Kiker, Cybersecurity Practice Leader, cStor

Cloud access security brokers (CASBs) are on-premises, or cloud-based security policy enforcement points, placed between cloud service consumers and cloud service providers to combine and interject enterprise security policies as the cloud-based resources are accessed. CASBs consolidate multiple types of security policy enforcement. Example security policies include authentication, single sign-on, authorization, credential mapping, device profiling, encryption, tokenization, logging, alerting, malware detection/prevention and so on. —Gartner IT Glossary

Microsoft Office 365 is showing success in capturing a large portion of the business enterprises over the last year. The increases are estimated at 300%+ growth. There is still room to grow. Trust in cloud based applications is growing as well, with no end in sight.

While the industry is seeing some improvement in security, the gap is still large and the risk of losing sensitive data is a reality. One Cloud Access Security Broker (CASB) usage analysis of 20,000 plus cloud services has determined that a staggering 58% of the sensitive data found resides in Microsoft Documents. With the popular Office product subscription comes a cloud drive, called OneDrive, offering an individual 1TB of space. With a majority of businesses using Office products, it is easy to understand why so many are moving to the cloud services.

Many cloud vendors, including Microsoft, take security seriously and continue to make significant investments. The protection offered guards applications from intrusion. While intrusion protection is vital, any user base still performs actions that are high-risk—be it unintentional or malevolent.

Office 365 can provide raw event feeds through an API, but as many folks in security can attest, the data feeds volume can be overwhelming. The much publicized data breach at Target resulted in over 40 million customer credit cards being exposed. The warning signs were there of the event happening, but it was disregarded along with hundreds of other alerts.

So is the cloud secure? It is a loaded question.

Microsoft accepts the responsibility of platform security, but that is all. Customers can still be at risk from internal and external threats. It is key to protect sensitive information against data loss through email, file transfers, and unintentional sharing of folders to everyone. Companies need to have the same compliance policy enforcement for cloud applications that they have for on-premises applications. This is where the CASB comes into play.

Office 365 is just one of the estimated 22,000 cloud based application available to users. Many organizations claim to not have any unknown data in the cloud, yet have no way to prove the assertion. CASB products can not only identify what organizations have in the cloud, but rank the risk of the applications being used.

So what can CASB do for the organization?

  • Advanced, enterprise DLP
  • Granular policies for all apps
  • Architecture for any use case
  • Access and privilege control
  • Active threat protection
  • Provide visibility and control over cloud spend
  • Ensure compliance in the cloud
  • Mitigate cloud app usage risk

To name a few.

You don’t know what you don’t know. Let cStor do an initial free assessment and report to you what your true cloud usage is… unless you really do NOT want to know.

Gregory Kiker
About Gregory Kiker
Gregory is the Cybersecurity Practice Leader at cStor.  The vision of cStor is to provide the means to protect our customers through best of breed products, services, and consulting.  Greg drives this vision with over 20 years of IT experience.  His IT knowledge spans a wide range of disciples from Infrastructure Management, Network Management, Storage, Information Risk Management, Application Development, Database Management, and Cyber Security.  Greg’s executive experience over the years gives him a customer focused perspective and understanding of the special situations that many companies face.  He attended The New Orleans Baptist Theological Seminary  studying Theology and Regis University in Denver studying Business Management.  He is now pursuing a degree in Archaeology in hopes of retiring and mimicking Indiana Jones. 

Comments are closed.