• headerslider_verschluesselung_02

CASB Data Protection

There has been significant recent development in CASB solution offerings as enterprises’ strive to get control of its users leveraging “Non-Sanctioned” cloud applications and the security vulnerability and security threats this brings. It’s generally accepted that the following four pillars make up the overall CASB functionality:

Visibility/DiscoveryAccess ControlData ProtectionThreat Protection
CASB, only SupportGives organisations visibility into users, services, data, and devicesProvides data and file content monitoring to restrict access via policyBasic file encryption and blocking data with no SaaS application supportAnalyses traffic patterns to identify compromised accounts and malicious usage
CASB with CDP point solutionSeamless Security Layer.
CASB & CDP Integration
Full SaaS functionality support
Business Function
Responsibility
• Network Operations
• IT Security
• Risk & Compliance
• CISO
• Risk & Compliance
• Line of Business
• CISO
• Info Security
• Network Operations
• IT Security
• CIO

CASB Functional Areas and Business Function Responsibility

From an enterprise’s Risk and Compliance perspective it faces significant legal and regulatory data compliance needs where the main focus is the protection of PII (Personal Identifiable Information) and sensitive PII and corporate sensitive data typically governed by B2B Non Disclosure Agreements (NDA). These legal and regulatory compliance carry significant fines and brand reputational damage when such data is compromised or breached.

The challenge with pure paly CASB vendors attempting to address all of the four pillars, one or more of the four pillars often lacks the depth of capability of security capabilities to fully address the maintain a seamless user experience, or address the Risk and Compliance teams needs for data control so that legal and regulatory responsibilities can be met. Data Protection is the obvious candidate of the four pillars where CASB vendors are light in capabilities without the depth of functional capability.  This Data Protection capability involves complex encryption or data tokenisation support, key management and SaaS application functional support.

Most CASB vendors can detect sensitive data, but then blocks the data from leaving the enterprise. This blocking action, now breaks the business process and add more complexity to the treatment of sensitive data.

The eperi Gateways are designed to fully integrate with most CASB solutions to provide the more complex Data Protection needs beyond just the blocking of sensitive data. The eperi Gateways act as a single point of control that supports most of the leading cloud SaaS applications such as Office 365, Salesforce, Microsoft Dynamics CRM, ServiceNow and many others including enterprise custom applications running on IaaS platforms.