INDUSTRY VIEW
To combat these issues , organisations are turning to technologies such as a Cloud Access Security Broker , CASB . CASB has become a prominent cloud security tool across industries as cloud usage has increased . Acting as an intermediary , CASB monitors interactions between users and cloud applications , offering security analysts enhanced visibility , greater control over access , and the ability to monitor the usage of unsanctioned cloud applications .
Unlike the forward proxy CASB that works well within the organisation ’ s perimeter , a reverse proxy CASB is set up on the cloud applications ’ end . So anytime a user accesses their enterprise cloud application , whether on a managed or personal device , mobile or desktop , within or outside the network , the organisation can enforce policies .
Two benefits this offers are conditional access , controlling access to the cloud application , and session control , controlling the movement of data .
Conditional access allows organisations to set specific conditions under which users can access cloud applications . In the instance mentioned above , session hijacking , the policy could have required that access to the payroll application be granted only to a specific geographic location and known IP addresses within the corporate network .
Additionally , policies could enforce blocking access from less secure browser types or device types . By applying these conditions , organisations can enhance security and reduce the likelihood of unauthorised access .
Session control enables continuous monitoring and control of user sessions . By enabling session control , you can decide which file types , size , and name of files can be uploaded or downloaded .
In the data leak scenario mentioned above , session control could have provided critical oversight by tracking actions such as the upload and download of sensitive files , including details like the file name , file type , and file size . If these sensitive files were
Using conditional access and session controls , CASB can ensure that only authorised users access corporate resources .
of a particular size or type , the download could have been stopped and alerted to the security team .
As the attack surface expands with rising cloud adoption , the governance and insights offered by CASB solutions become invaluable , especially when integrated with a SIEM . A CASB solution provides detailed visibility into cloud application usage , user behaviours , and data movements , allowing organisations to enforce security policies effectively .
When these insights are ingested by a SIEM solution , it enhances the organisation ’ s ability to detect and respond to threats in real time . This integration offers a holistic view of security events across both onpremises and cloud environments , improving incident response and threat intelligence .
As cloud usage continues to grow , the combined power of CASB and SIEM will become increasingly critical in maintaining robust security postures and mitigating sophisticated cyber threats . •
CASB monitors interactions between users and cloud applications offering analysts control over access of unsanctioned cloud applications .
INTELLIGENT TECH CHANNELS 17