Cloud Access Security Moves Up the Value Chain 

Cloud Access Security Moves Up the Value Chain 

  • November 2015 •
  • 7 pages •
  • Report ID: 3384816
Cloud Access Security Moves Up the Value Chain


Shadow IT (the unsanctioned use of cloud apps), and shadow data (the placement of sensitive data into sanctioned and unsanctioned cloud apps), are common occurrences among most enterprises. Even though commonplace, enterprises lack a current and comprehensive inventory on which cloud apps are in use, by whom, and, of equal importance, how those apps are used. The tools on which enterprises have relied to monitor and control applications in their private data centers were not designed for cloud apps.

Moreover, other efforts to gain visibility into cloud apps, and to exert control, are manually intensive and rudimentary. Consequently, with cloud apps, enterprises’ ability to prove compliance with data protection regulations, reduce data breach risk, and confidently expand adoption of cloud apps is behind the times. Cloud Access Security Brokers (CASB) is a new solution category designed explicitly to provide visibility and control of cloud applications. As described in Stratecast’s Security Control of Cloud Apps is Within Reach, unified CASB solutions conduct several critical functions:

- Detect cloud apps in use
- Peer deeply into usage
- Assess risk based on multiple factors, such as: user-defined configuration settings, usage behaviors, and cloud app riskiness
- Support and enforce granular policies to mitigate risk and substantiate compliance

Being unified within CASB, while beneficial, is inadequate for today’s harried security practitioners. These individuals are saddled with too many security tools and administrative consoles to manage each effectively. One more can assist in addressing the rising concerns of cloud apps, but collateral damage is a likely outcome as the security practitioners are stretched over an even broader responsibility footprint. Furthermore, being unified within a point solution, such as CASB, lacks the teeth that security organizations really need.

They need tools that are synergistic with their existing security infrastructure, and tools that are easy to on-board and integrate. The good news is that integration of CASBs with enterprises’ existing security infrastructures is materializing; and, with this integration, a more robust security ecosystem is being fostered. This week’s announcement by Cisco®, in partnership with Elastica, on the launch of Cisco Cloud Access Security (CAS) is evidence of synergistic integration between existing security infrastructure and CASB. This SPIE digs deeper into how this integration is accomplished.