The increasing takeup of cloud computing by companies, the ubiquity of cloud application accesses and the need for better security are all factors behind the appearance of Cloud Access Security Brokers (CASB) as essential control elements between the user and cloud-hosted services. Specifically they are placed between users and cloud service providers to extend security controls set up on the corporate borders to services offered by providers.
GMV’s specialists have given a state-of-the-art overview of Cloud Access Security Brokers; these experts are Mariano J. Benito Gómez, CISO of GMV Secure e-Solutions, and Juan Antonio Abánades, Head of the Cybersecurity Technologies Section of GMV Secure e-Solutions. In their presentation they focused on the new technological tools offered by the CASB paradigm to a CISO, increasing his or her quiver of solutions to confront and head off the organization’s problems.
The degree of cloud computing takeup since the first appearance of the concept is lower than other promising techniques of the past that are by now well established in the market. For this reason Cloud Security Alliance has conducted several studies (https://www.ismsforum.es/ficheros/descargas/csa-es-2014-cloudsecuritystateoftheart20141119.pdf, http://www.ismsforum.es/ficheros/descargas/csa-es-pe-2015-estudio-estadodelarte-nube-es.pdf) showing how cloud takeup is being hindered and slowed down by client concerns mainly of security and compliance by providers.
The CASB concept is based on providing the additional security and control capacity not offered by suppliers and which may be needed by organizations to honor their contractual commitments, carry out corporate policies and abide by applicable legal requirements. Adoption of CASB is at times tied in with a specific service, such as major project for cloud migration of emails. But CASB really comes into its own whenever multiple cloud services are in actual use or in the pipeline.
The terms used in the CASB concept itself are very revealing:
- Cloud: Its target is the information in the Cloud Service Providers and also provided from the cloud by CASB itself.
- Access: Above all in their initial conception, these are solutions geared towards access control, authorization and authentication.
- Security: This is a question of whether or not to allow access, to record and deal with accesses and apply intelligence to them.
- Broker: It is not a question of moving information about or changing it from one place to another but rather acting as intermediary and raising the profile.
But it is important to point out that CASB is not the only option. It is one more complement to any organization’s good security practices, to other working lines already up and running and above all to reinforce and support effective implementation of the necessary cloud use strategy in organizations.
Authors: Mariano J. Benito Gómez
Juan Antonio Abánades
Las opiniones vertidas por el autor son enteramente suyas y no siempre representan la opinión de GMV
The author’s views are entirely his own and may not reflect the views of GMV