The decision for technology giants Microsoft, Apple, Amazon, and Adobe, among others, to deliver significant parts of their services through the cloud has elevated the status of cloud computing from a trendy buzzword to a legitimate option for today’s modern businesses.
Further proof of the impact of cloud computing is a study by cloud management company RightScale, where 1,060 IT professionals were surveyed. Published in February 2016, RightScale’s State of the Cloud survey found that 95% of the respondents were using the cloud. A 2015 version of the study also revealed that 93% of the 930 respondents were already running applications in the cloud. Growing dependency on cloud computing, plus the need to address enterprise information security, has introduced the need for cloud access security brokers, or CASBs. But why exactly are CASBs such a trending subject?
The Benefits of Cloud Adoption
Cloud adoption is increasing for various reasons:
- 24/7 access. Because cloud apps can be accessed via the internet, users can log into their cloud-powered productivity tools anytime, anywhere, and on any device.
- Greater efficiency. The proliferation of cloud-based SaaS solutions means there’s probably a solution to address whatever workflow problems you’re facing. And as more applications enter the market, cross-platform integrations means you can use multiple cloud technologies in tandem to optimize your workflow more than ever.
- Cost-effectiveness. Unlike traditional software, you don’t need to hire maintenance experts or additional IT infrastructure with cloud-based applications. Many cloud applications have support built directly into their interface.
- Role-based access. Depending on their job functions within the company, users are assigned their personal access credentials, with the administrator specifying which tasks they can perform within the application, such as view-only, edit, and so on.
- Automatic updates. Software updates are automatically deployed through the cloud, waiting for you the next time you sign into your cloud account.
- Scalability. Cloud-based application vendors generally offer tiered packages. This means as your company expands and your user base grows, you can upgrade your subscription to accommodate more users and customers into the platform. The same is true for when business is slow. Just downgrade when needed.
The Risks of Cloud adoption
Despite the convenience and cost-efficiency that cloud-based technology offers, the risk of data loss is very real for end users and enterprises alike. Not only do malicious entities lurk at every corner of the Internet, ready to take advantage of the next unsuspecting enterprise employee, but even honest user error can cause huge amounts of data to be released to the public.
The Target hack, the Home Depot attack, the Epsilon data breach – it’s a long line of both well-known and lesser-known enterprises that have succumbed to an attack. These breaches cost companies a huge amount of money and can cause enduring damage to a brand’s reputation.
E-commerce sites, where large amounts of financial transactions involving credit card and bank account numbers are made online, have the largest appeal to hackers. A PYMNTS.com article published April 2016 reported that: “Online fraud attacks have jumped by 11 percent since the [EMV] shift. Digital goods retailers […] have seen a more than 300 percent increase in fraud attacks since the liability shift.”
The recent data breach of cloud-hosted file sharing service Dropbox serves as another reminder of the security risks inherent with conducting business or storing sensitive or confidential information in the cloud.
The Role of CASBs in Protecting Your Data
This surge in cloud dependency, plus the need to address enterprise information security, has ushered in the advent of cloud access security brokers, or CASBs.
A CASB serves as a security mediator between cloud service consumers and public cloud services. Cloud-based services generally are secure on their own, but a CASB provides an extra layer of protection.
In a nutshell, it allows an organization to expand its security reach beyond its own IT infrastructure by “ensuring network traffic between on-premises devices and the cloud comply with [enterprise security] policies,” says IT expert Dan Sullivan.
He adds that CASBs particularly benefit enterprises with operating units that manage their own cloud resources, or those with shadow IT operations. CASBs also cover end users accessing cloud applications outside of the company’s network via their mobile devices.
To ensure that end users are safe when accessing cloud applications, the main functions of CASBs include:
- Device profiling
- Credential mapping
- Auto-discovery of cloud applications that are in use
- Identification of high-risk applications
- Enforcement of appropriate security policies once risk is assessed
- Malware protection
- Cloud spending control
According to Gartner, “By 2020, 85% of large enterprises will use a cloud access security broker solution for their cloud services, which is up from fewer than 5% in 2015.”
If this indeed pans out, it’s because more and more organizations are realizing and acknowledging the growing risks of doing business in the cloud. As security pundits love to say, when it comes to enterprise information security, you can never be too secure.