A Home for CASB
Blog Article Published: 02/21/2018
By Kyle Watson, Partner, Information Security, Cedrus

Over the past 18 months, I’ve been working on CASB in some form or another, including:

- Educational architectural and technical videos
- Request for Proposal (RFP) assistance
- Pre-sales presentations and demos
- Proof of Concepts (POCs)
- Implementation
- Operations build-out and transition

I’ve discovered some interesting things working with vendors, clients, and our own security technical staff here at Cedrus. One of them is about the ownership model. There is not a 1:1 map when you compare CASB solution features to the structures of the organizations that are deploying them. There seems to be a lack of organizational placement, a permanent home, when it comes to CASB. This extends both to technology and business process ownership.

Most CASB solutions evolved naturally out of the network layer of technology, and so did many of the key players at CASB vendors. These folks are experts in networks, firewalls, proxies, Intrusion Detection Systems (IDS)/Intrusion Prevention Systems (IPS), Security Information and Event Management (SIEM), etc. However, many of the features being offered by CASB extend into areas that don’t typically overlap with the responsibilities of the teams that run these areas of the Security Operations Center (SOC). These include things like Identity and Access Management (IAM), Data Loss Prevention (DLP), Encryption, Application Programming Interface (API) integration, and Malware prevention.

Working on technical integrations with CASB, there is a need to bridge at least four groups that are often separate in enterprises.
- Active Directory Admins
- Identity and Access Management (IAM) Team(s)
- Information/Data Protection
- And Public Key Infrastructure (PKI) / Encryption if they’re separate from one of the other teams
- Encrypt Protected Health Information (PHI) when it gets stored in Google
- Scan all documents in the corporate OneDrive to find and move Personally Identifiable Information (PII)
- Prevent people from uploading confidential documents as attachments on LinkedIn