As enterprises execute on their ‘Cloud First’ strategy, it is imperative to secure sensitive Cloud assets to meet compliance, privacy and security requirements. Cloud Access Security Brokers (CASBs) or Cloud Security Gateways are emerging as a popular choice to secure Cloud assets.
Typically an enterprise’s Cloud ecosystem comprises of various service providers for Productivity, Infrastructure, Software and Platform. Each of these ‘as-a-service’ models present significantly different security challenges that a CASB needs to circumvent.
This primer investigates some of the shortcomings of current CASB offerings and lends insight in to the guiding principles of next-generation CASB solution from Saviynt.
To prevent this, CASBs need to augment DAC with granular context-based access control (ABAC) policies. CASBs need to have deep integration with Cloud providers to gain visibility into access, permissions inheritance, escalation of privileges, changes to roles, detect creation of share links, etc.