IT PARK
    Most Popular

    Building a Smart City: The Importance of Cloud Storage

    Sep 19, 2023

    Blockchain insulation, the universe is open

    Sep 18, 2023

    The five basic types of IoT

    Aug 21, 2023

    IT PARK IT PARK

    • Home
    • Encyclopedia

      What is brute force cracking?

      Oct 01, 2023

      What is the reason for the computer card? How to deal with the computer card?

      Sep 30, 2023

      Which is better, laptop, desktop or all-in-one

      Sep 29, 2023

      icloud space is always insufficient to do

      Sep 28, 2023

      What is the difference between the Guid format and MBR format for computer hard drive partitioning?

      Sep 27, 2023
    • AI

      What are the young people interacting with Japan's "Buddhist AI" seeking and escaping from?

      Oct 01, 2023

      Nvidia Announces GH200 Superchip, Most Powerful AI Chip, to Accelerate Generative AI Workloads

      Sep 30, 2023

      Google has categorized 6 real-world AI attacks to prepare for immediately

      Sep 29, 2023

      Samsung considers replacing Google search with Bing AI on devices

      Sep 28, 2023

      Generative AI designs unnatural proteins

      Sep 27, 2023
    • Big Data

      What are the misconceptions in data governance in the digital age?

      Oct 01, 2023

      What is a data warehouse? Why a Data Warehouse?

      Sep 30, 2023

      What is Data Governance? Why do organizations need to do data governance?

      Sep 29, 2023

      Winning Business Excellence with Data Analytics

      Sep 28, 2023

      Has the development of big data come to an end?

      Sep 27, 2023
    • CLO

      How to Reduce the Risk of Cloud Native Applications?

      Oct 01, 2023

      How should the edge and the cloud work together?

      Sep 30, 2023

      Last-generation firewalls won't meet cloud demands

      Sep 29, 2023

      Healthcare Explores Cloud Computing Market: Security Concerns Raise, Multi-Party Collaboration Urgently Needed

      Sep 28, 2023

      Remote work and cloud computing create a variety of endpoint security issues

      Sep 27, 2023
    • IoT

      Berlin showcases smart city innovations

      Oct 01, 2023

      IoT solutions lay the foundation for more effective data-driven policing

      Sep 30, 2023

      CO2 reductions won't happen without digital technology

      Sep 29, 2023

      4 Effective Ways the Internet of Things Can Help with Disaster Management

      Sep 28, 2023

      6 Ways the Internet of Things Can Improve the Lives of Animals

      Sep 27, 2023
    • Blockchain

      Which is better for the logistics industry and blockchain

      Oct 01, 2023

      Will blockchain revolutionize the gaming industry?

      Sep 30, 2023

      How do you make a blockchain investment?

      Sep 29, 2023

      What is the connection between blockchain and Web 3.0?

      Sep 28, 2023

      Canon Launches Ethernet Photo NFT Marketplace Cadabra

      Sep 27, 2023
    IT PARK
    Home » CLO » On the Importance of Cloud Access Security Agent CASB
    CLO

    On the Importance of Cloud Access Security Agent CASB

    As enterprise IT operations are gradually going to the cloud locally, they begin to look for security access control methods to introduce cloud operations from internal data centers. Cloud Access Security Proxy (CASB) is such a tool. This article will take you to study CASB and explain its origin and evolution.
    Updated: Aug 23, 2023
    On the Importance of Cloud Access Security Agent CASB

    As enterprise IT operations are gradually going to the cloud locally, they begin to look for security access control methods to introduce cloud operations from internal data centers. Cloud Access Security Proxy (CASB) is such a tool. Today, CASB has been introduced for ten years and is a common component of enterprise security infrastructure. But for many people, it is still a mystery to know exactly the function of CASB and why it is different from the next generation firewall.

    This article will take you to study CASB and explain its origin and evolution.

    The original purpose of CASB is to provide visibility of all cloud services in the enterprise infrastructure. CASB is the first special weapon against "shadow IT" and unauthorized cloud services. CASB is deployed at the network boundary and uses a variety of proxy types to identify each response to or connection from the cloud service, regardless of whether the cloud service is approved.

    At the beginning of the creation of CASBs, they were often deployed as physical devices in customer data centers. Now, they can still be deployed, but they are more deployed as cloud services themselves in the "security as a service" (SaaS) model. In both cases, today's CASB uses agents and APIs to identify the largest possible range of cloud services and take action based on the additional functions that the product now has.

    Knowing the existence of cloud services is not the same as protecting them (or implementing security control for specific services), so CASB gradually develops and provides more services for the security team. As Gartner said, CASB's "four pillars" have developed - visualization, compliance, data security and threat protection.

    These four functional areas are important in the shared responsibility cloud security model, in which cloud providers are responsible for protecting their infrastructure, and cloud customers are responsible for the security of their applications and data.

    So, what is the real meaning of the "four pillars"? How are they used to protect the enterprise cloud? The following will be discussed one by one.

     

    visualization

    CASB can let enterprise leaders know whether the cloud services that all employees insist on using in the network are safe. Although this is necessary and frightening, the current CASB can indeed provide partial detection. CASB can be used to find and monitor the way to and from cloud service traffic. It can also tell the security team which employees are using cloud services and how they get cloud services. When confronted with employees, CASB tools can provide effective help if employees do not admit that their personal behavior has damaged the company's security plan.

    Compliance

    With the development of CASB, especially when they use APIs instead of agents to improve the visibility of cloud businesses, they can view data transferred from one cloud to another and between internally deployed infrastructure and clouds. In addition to providing the security team with a better understanding of the organization's cloud infrastructure, it can also view the data stored in the cloud and being processed.

    Many aspects of compliance depend on understanding where and how data is stored. In addition to external regulations, many organizations have internal rules on how to store and handle specific types of data. CASB allows the security team to clearly understand the status of cloud bound data, so that it can detect and correct the situation of employees storing or migrating data to avoid violating external regulations.

    data security

    By understanding the status of data on the cloud, CASB can take the next step to protect the data. Through API controls, CASB can view transactions that have never entered the enterprise network (such as transactions between cloud services). CASB can implement a series of rules, such as data encryption or obfuscation, specific requirements for authentication and access control, and other parameters, to ensure that data is stored in a secure manner.

    Threat protection

    "Access" is a part of CASB. Such products can provide threat protection and strengthen the access and authentication control of cloud data applications. In many cases, CASB can monitor business activities and execute rules by interacting with existing single sign on or "identity as a service tool". One of the advantages of CASB is the ability to integrate with the existing security infrastructure, which distinguishes CASB from other tools.

    In general, next-generation firewalls, Web application firewalls, and other security tools are considered complex and unable to maximize their advantages. In contrast, CASB has always been a tool that is easy to configure and deploy, even for inexperienced security teams.

    Previous Article Benefits of big data analysis and how to analyze big data
    Next Article What are the characteristics of cloud computing?

    Related Articles

    Big Data

    What are the misconceptions in data governance in the digital age?

    Oct 01, 2023
    Blockchain

    Will blockchain revolutionize the gaming industry?

    Sep 30, 2023
    Encyclopedia

    What exactly does a secure eject USB do?

    Sep 26, 2023
    Most Popular

    Building a Smart City: The Importance of Cloud Storage

    Sep 19, 2023

    Blockchain insulation, the universe is open

    Sep 18, 2023

    The five basic types of IoT

    Aug 21, 2023
    Copyright © 2023 itheroe.com. All rights reserved. User Agreement | Privacy Policy

    Type above and press Enter to search. Press Esc to cancel.