Behavioural analysis and CASB capabilities augment Enterprise cloud security

By : |September 30, 2019 0

In the words of the famous business magnate and philanthropist, Warren Buffet, “In the business world, the rear view mirror is always clearer than the windshield.”

These words resonate well with businesses, wherein leaders find themselves reflecting on their past decisions to strategize for the future. Steering away from impulse and making well-informed decisions is the premise on which long term strategies succeed.

Globally, enterprises have a common thread in their long term strategies – chasing a digitally native future. Enterprises have embarked on their digital transformation journeys, with cloud agility and automation, to bring down costs, time and energy. Rising concerns over unsanctioned cloud applications and the challenges of shadow IT are impacting the organization’s need to protect its data. So how can companies strengthen their security checks?

Cloud access security brokers (CASBs) can help answer this question.

The Cloud cybersecurity risk continues

According to the recent Forcepoint-Frost & Sullivan Risk and Cybersecurity study, 95% of organizations in India today are initiating digital transformations through nextgen technology such as artificial intelligence, internet of things and cloud computing; only 41% have deployed cybersecurity measures during the early stages.

While some cloud applications in use may be highly secure, there exists a significant number of less popular cloud applications that are being used to store and transmit sensitive data. In such cases wherein a new application is accessed from the cloud, the enterprise IT security manager is the last to know. And at times, this lacuna may prove to be detrimental as managers’ ability to deter threats is dictated in large part by the amount of control they have over their networks.

Faced with this challenge, managers are likely to choose one of two prevalent options. While some refrain from using any new cloud-based application until it is assessed by the IT team, others prefer to permit the use of the cloud applications while trying to determine how to support it. However, these are not the ideal routes to adopt, since preventing workers from using applications impacts their workflow and therefore, productivity. And the latter puts the time-strapped IT team under severe pressure to figure out how to support a new application.

CASB capability to thwart risk exposure

The third and most viable option exists in CASBs which liaise between the user and the cloud-hosted service provider. CASBs have the capability to monitor cloud applications in line with the organization’s norms and protocols and encrypt and exchange data securely.

CASBs are critical for maintaining security on the cloud since they provide in-depth intelligence surrounding different application environments; thereby, enabling the IT managers to automatically compare the risk levels of different applications so that administrators can filter out cloud applications that may be perceived as higher-risk. Moreover, they provide visibility into an entire application environment and can manage it end to end. This helps managers identify and monitor all the applications accessed by their workforce and apply security protocols to them simultaneously.

CASBs Can Monitor User Behaviour

Organizations can further strengthen their security policies through behavior analysis of digital identities on a network. The established baseline for normal behavior dictates that a deviation from a set pattern can signal risk exposure. For instance, a user logs into the network from the same type of browser from the same devices and from the same location daily. However, when the same user’s credentials are used to access the network from a different geo-location or browser, it signals that something may be wrong.

Furthermore, when this is combined with CASBs, it becomes an even more powerful form of threat prevention, since CASB can monitor user behavior across a spectrum of applications. This allows IT managers visibility into the applications used by employees, the utilization of applications and so on. This information helps in determining the risk profile of the user, especially the ones who have access to highly sensitive data or who deviate from normal behavioral patterns.

CASBs boost user device security

Users access cloud-based applications through their personal devices, which decreases IT visibility while increasing risk exposure since unsanctioned devices are typically not connected to a forward proxy server. In this regard, CASBs help by providing the ability to implement reverse proxy, thereby enabling managers to step up security of personal devices that access cloud-based applications. Users log on to an application from their devices and are routed to a URL where they are automatically authenticated. Managers can then assess risk based on users’ actions — including the apps they are accessing, the data they’re sharing and the devices they’re using — in a pseudo-anonymized behavioral profile.

CASBs have the capability to plug the various security loopholes, allowing IT managers to beat the security threats posed by BYOD and unsanctioned applications and without compromising user efficiency and productivity.

By Surendra Singh, Country Director, India and SAARC, Forcepoint

No Comments so fars

Jump into a conversation

No Comments Yet!

You can be the one to start a conversation.