INDUSTRY VIEW
LEVERAGING CASB TO PROTECT YOUR CLOUD ENTERPRISE
RAM VAIDYANATHAN, CHIEF IT SECURITY EVANGELIST, MANAGEENGINE
Unmanaged devices expose organisations to different types of attacks, such as session hijacking, account compromise, and data leaks. Organisations should leverage prominent tools such as a Cloud Access Security Broker and CASB-integrated SIEMs that act as an intermediary between users and cloud applications, explains Ram Vaidyanathan at ManageEngine.
With the proliferation of enterprise cloud applications, the way we access and interact with critical business data has fundamentally changed. Given that 60% of company data is housed in the cloud, and that at least 62% of employees favour hybrid models, it is critical to extend your organisation’s security beyond its network. All a user needs is a username and password to access your cloud applications – from any country, IP address, and device.
While this flexibility supports efficiency, remote work, and global collaboration, it also introduces significant risks if left unmonitored. Unmanaged or personal devices, used by employees from remote locations, can be prime targets for cybercriminals as they lack the security controls essential for protecting sensitive data. This absence of robust security measures poses new challenges for organisations, including session hijacking, cloud account compromise, and data leaks.
Session hijacking involves attackers intercepting an active session and proxying it from a different browser and location, thereby gaining unauthorised access to cloud applications and their sensitive data.
For example, an employee from the payroll team at XYZ Corp needs to upload a document urgently. But since they do not have their work laptop, they use Chrome on their personal laptop and connect to their home Wi-Fi to access the company portal. Unknown to them, an attacker exploits a vulnerability in their home Wi-Fi network and intercepts the session token from their browser, giving the attacker unauthorised access to all cloud applications, including sensitive payroll data.
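The signature described above, one session token appearing from a different browser and location, can be checked in access logs. The following is an added example, not code from the article or from ManageEngine; the log format, field names and sample records are constructed for illustration.

```python
import re
from datetime import datetime

# Assumed log format (constructed): timestamp, session id, user, IP, country, user agent
LINE_RE = re.compile(
    r'(?P<ts>\S+) sid=(?P<sid>\S+) user=(?P<user>\S+) '
    r'ip=(?P<ip>\S+) country=(?P<country>\S+) ua="(?P<ua>[^"]*)"'
)

# Constructed sample records: session a1f3 is replayed from another browser and
# country; session b7c9 only changes IP inside the same country (benign roaming).
SAMPLE_LOG = """\
2024-05-04T09:00:12Z sid=a1f3 user=payroll01 ip=203.0.113.10 country=AE ua="Chrome/124 Windows"
2024-05-04T09:02:40Z sid=a1f3 user=payroll01 ip=203.0.113.10 country=AE ua="Chrome/124 Windows"
2024-05-04T09:03:05Z sid=a1f3 user=payroll01 ip=198.51.100.77 country=NL ua="Firefox/125 Linux"
2024-05-04T09:05:00Z sid=b7c9 user=analyst02 ip=192.0.2.20 country=AE ua="Safari/17 macOS"
2024-05-04T09:20:00Z sid=b7c9 user=analyst02 ip=192.0.2.45 country=AE ua="Safari/17 macOS"
"""


def find_session_reuse(log_text):
    """Return alerts for requests whose browser or country differs from the
    first request seen for the same session id."""
    events = [m.groupdict() for m in map(LINE_RE.match, log_text.splitlines()) if m]
    # Sort by time so the baseline is the earliest request, even if logs arrive out of order.
    events.sort(key=lambda e: datetime.fromisoformat(e["ts"].replace("Z", "+00:00")))

    baseline = {}  # sid -> (country, user agent) of the session's first request
    alerts = []
    for e in events:
        first = baseline.setdefault(e["sid"], (e["country"], e["ua"]))
        checks = (("country", first[0], e["country"]), ("browser", first[1], e["ua"]))
        changed = [name for name, old, new in checks if old != new]
        if changed:
            alerts.append({"sid": e["sid"], "user": e["user"], "ts": e["ts"],
                           "ip": e["ip"], "changed": changed})
    return alerts


if __name__ == "__main__":
    for alert in find_session_reuse(SAMPLE_LOG):
        print(alert)
```

An IP change alone is not flagged here because it is common on mobile and home networks; a change of browser or country within one session is the stronger signal to send to a SIEM for review or forced re-authentication.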
Yet another challenge, apart from cloud account compromise, is data leaks. Data leaks are more a circumstance than a direct attack. Unlike a cyberattack, data leaks involve uncontrolled data transfers that can occur when employees inadvertently or deliberately download sensitive information onto devices lacking adequate security measures – unmanaged or personal devices. This unmonitored data transfer heightens the risk of data breaches and intellectual property theft.
For instance, a financial analyst at a bank needed to complete a critical analysis over the weekend. The analyst transferred sensitive financial data from a secure company laptop to an unsecured personal device for home use. This unprotected transfer and the vulnerable home Wi-Fi network increased the risk of data leakage. If compromised, this could expose sensitive financial information, leading to data breaches and unauthorised access.
Reverse CASB is the right technology to monitor and control access from remote work locations.
www.intelligenttechchannels.com