Today, the average enterprise customer uses over 1,000 cloud applications, including Saas, PaaS, IaaS, and even homegrown Cloud applications. In some instances, users and business lines are taking up Cloud apps faster than IT can discover, monitor and protect them. If this is your organisation, it is time to automate the process and take back control.
This webinar focuses on how you can practically lower the cybersecurity risk when migrating to the Cloud to enable your organisation to use the Cloud more and better.
Companies are investing massive amounts of money in MS Azure and AWS but are led by different business reasons. Learn how to eliminate the security blind spots by following the rhythm of your people and flow of your data.
Nowadays, more than half of corporate data is stored outside of the premises, so the IT teams need to find a way to control data that exists outside of their reach. The main challenge the techies are facing is to overcome the user behaviour challenges while also ensuring the security of the company in the cyber realm.
Encryption is an excellent example of that: typically, when it is done by a third party it slows down and damages the user experience.
The Cloud Risks CASB solves
Users oversharing data in file-sharing apps
With social media being such a large part of people's lives, we've become accustomed to oversharing on the internet. However, when the matter is confidential corporate data, we need to ensure that there are policies in place. For example, if sensitive data is externally shared or an outsider has request access to it, CASB can trigger these bans based on anomalies in geo-location, domain, etc.
Employees, 3rd parties accessing cloud apps from their own devices
The BYOD trend increases the number of unrecognised devices on networks, increasing the attack surface. A prime example would be Deloitte, when they had no control over the Office 365 access of their members through unauthorised devices, allowing hackers to penetrate the network and access confidential data. Shadow IT can help to control the behaviour of the users and prevent the success of such attacks.
Admins making mistakes or coming under attack
No one is immune to mistakes, including the IT team. This is why CASB can help to take steps to audit the admin access by looking at behaviour analytics, i.e. if a user is lowering the firewalls, then the two-factor authentication should be triggered and required to act.
The Cloud becoming the new attack surface
More and more data is moved to the Cloud; hence it is becoming the target of attacks. Machine learning allows CASB to recognise what devices you usually used when accessing Office 365 (IOS, Android, etc.), your usual locations and if brute force has been applied to gain access (multiple login attempts).
Employees finding and using their own services.
As a company, you may not have provided your team with the appropriate solutions to enable file sharing, etc. However, applying a Data Loss Prevention solution integration can control and encrypt your data. Through the Data Loss Prevention solution, you can empower employees to work across devices, networks and apps. You can also identify the riskiest users, reduce false positives and isolate problems faster.
Forcepoint CASB integrates with DLP solutions to provide unified data protection extending from on-premises to the cloud environment. It also integrates with solutions such as web security, email security, next-generation firewall and more. Something to look out for is the new DLP version, expected to launch in the first quarter of 2020 which will provide sleeker integration with CASB.
FEATURES AND BENEFITS
- Protect against account takeover and misuse of stolen credentials
Stop bad actors from accessing cloud application data. Use Leading machine learning and UEBA capabilities to establish behavioural fingerprints for advanced risk calculation.
- Monitor and detect anomalous behaviour (e.g., brute force attacks) in real-time
- Block or enforce risk-based multi-factor authentication for enhanced security
Apply unique access and security policies on a per-device basis by easily distinguishing between managed and unmanaged (BYOD) Devices.
- Receive real-time alerts of suspicious activities
- Log all user activities to meet compliance requirements
Gartner predicts that by “by 2020, 85% of all large companies will deploy a CASB capability, compared to a barely 5% as recently as 2015."
Not sure where to begin? A Discovery scan is a great place to start to see how many and what kind of applications your users are using to send and receive data on your network.