A cloud access security broker (CASB) is a on-premises or cloud based software that sits between cloud service users and cloud applications to monitor all activity and enforce security policies. A CASB can offer a variety of services, including but not limited to monitoring every action of the users, warning administrators on specific actions that are seen as potentially hazardous, enforcing compliance to security policies and taking automatic actions for malware prevention.
Video Cloud access security broker
Types
A CASB may deliver security, management or both. Broadly speaking, "security" is the prevention of high-risk events, whilst "management" is the mitigation of risk after high-risk events.
CASBs that deliver security must be in the path of data access, between the user and the cloud. Architecturally, this might be achieved with proxy agents on each end-point device, or in agentless fashion without requiring any configuration on each device. Agentless CASB allow for rapid deployment and deliver security on all devices, company-managed or unmanaged BYOD. Agentless CASB also respect user privacy, inspecting only corporate data. Agent-based CASB are difficult to deploy and effective only on devices that are managed by the corporation. Agent-based CASB typically inspect both corporate and personal data.
CASBs that deliver management may use APIs to inspect data and activity in the cloud to alert of risky events after the fact. Another management capability of a CASB is to inspect firewall or proxy logs for usage of cloud applications.
API-only CASB such as Cloudlock offer management using APIs provided by the major SaaS applications. In contrast, multi-mode CASB offer both management and security. Some multi-mode CASB may also offer Zero-Day capabilities to protect against threats both known and unknown. Such CASB are called "Next-Gen" CASB, e.g. Bitglass, and deliver management, security and Zero-Day protection.
Maps Cloud access security broker
References
Source of article : Wikipedia