CASB, what is the minimum to get started in the Federal Government?
A Cloud Access Security Broker (CASB) monitors all activities between on-premise and mobile devices and the cloud provider and enforces security policy compliance within this environment.
As more and more organizations start moving to a cloud enabled application platform, planning must be undertaken to ensure effective, robust and secure delivery of business functions. Within the cloud environment, a Cloud Access Security Broker (CASB) is an essential cloud-based software solution that operates between an organization’s infrastructure and a cloud provider’s infrastructure and applications.
A CASB solution acts as a gatekeeper that provides three main functions:
- Data Loss Prevention
- Threat Protection
- Account Monitoring and Compliance
As such, CASB monitors all activities between on-premise and mobile devices and the cloud provider and enforces security policy compliance within this environment.
The CASB Vendor Market
The CASB vendor market is a dynamic market in terms of capabilities and solutions. For the Federal Government or any organization that must adhere to privacy and/or data residency restrictions, there are a number of pertinent questions that need to be asked and answered with respect to vendor’s solutions to properly evaluate the appropriateness of the solutions with the organization’s context.
These questions include:
- Does the solution allow the client to specify which geographical locations the data traverses in and out of based on where data is stored vs. accessed?
- Data in Transit: Can the data be encrypted in transit and can the customer own the encryption keys?
- Does the vendor list the certifications currently in place?
- Where are the backups stored and for how long?
- What is the disaster recovery strategy and how often it is tested?
- What if any data is stored by the vendor and what is the data retention policy?
- Are the capabilities offered within a single Product? And is there a single management console?
- How many roles can be created? Can there be custom roles? And what two factor authentication or step up authentication is available?
- What is the number of Cloud applications in the risk registry? Can the customer add new Cloud services to the registry? How is the registry kept up to date? And can the customer see the score for the individual score attributes?
- Are Canadian data standards such as SIN and PII built-in?
- Can the solution detect data exfiltration attempts?
- How many sanctioned application API integrations are available?
- Does the solution support both Forward and Reverse Proxy modes and describe those capabilities?
- Data Security: What contextual parameters can be used for enforcement and Data Lost Prevention (DLP)?
- What are the Device Access Model capabilities?
This is just a sample of some of the key capabilities that should be considered when evaluating a vendor’s. In addition, there are quite a few other areas that should be evaluated. Please contact EMERION/Cofomo to continue the conversation.
For further information please contact EMERION sales. Sales @emerion.ca