the great casb: part three

This post was originally published here by  Jacob Serpa.

In Part Two, we discussed the capabilities needed for the cloud security of organizations operating in the modern business world. While these features are necessary, they are not sufficient for complete cybersecurity. As companies continue to embrace BYOD, employees will be making greater use of their personal mobile devices for work purposes. Because of this, enterprises must have security solutions that encompass mobile measures, as well. Fortunately, cloud access security brokers (CASBs) provide a number of features that can secure mobility.

Much like cloud security, mobile security demands a holistic approach to evaluating and remediating threats. Data leakage prevention can be incredibly powerful in securing unmanaged device accesses. Encryption and redaction (in different capacities) both allow enterprises to mask their data on employees’ mobile devices. Capabilities like selective wipe enable easy removal of corporate data from employees’ mobile devices without affecting personal data. Selecting a CASB that can provide such tools for mobile security is a necessity.

In addition to the above security benefits, some CASBs are able to address privacy concerns merely because of the way that they function. As sensitive data flows to employee mobile devices, enterprises must take steps to prevent breaches resulting from lost or stolen devices and malicious insiders. To address this, some CASBs, including Bitglass, take a data-centric approach rather than a device-centric approach, whereby they can focus on controlling the corporate data within a device rather than on controlling the device itself. By using this alternative approach, firms are able to avoid the high potential costs of exercising excessive control over employee devices and violating their privacy.

One final set of benefits offered by agentless CASBs can be found with their smooth deployment and rapid adoption. Setting up an agentless CASB on a mobile device is simple because it essentially just involves signing into native apps and using them normally. In other words, virtually nothing changes from the user’s perspective. As such, employees are quick to adopt the security measure. Likewise, maintenance is not an issue because nothing needs to be installed on the mobile devices. Smooth deployment and minimal invasiveness are needed in light of the fact that security measures can provide no protection if employees refuse to adopt them.

Despite the large number of mobile security concerns, CASBs are well equipped to handle the challenge. In Part Four we will discuss why CASBs are better than MDM (mobile device management) for addressing issues pertaining to cloud and BYOD. Stay tuned, and download our Definitive Guide to CASBs while you wait.


No posts to display