Is Selecting the Right CASB Solution Important?
CASBs have a variety of approaches to Shadow IT that make them hard to compare.
On your corporate network, you probably don’t know which cloud apps are in use, by whom, and how those apps are used. These unknowns are what’s known as Shadow IT. Even though Shadow IT is pervasive, many businesses haven’t even started to tackle the problem. This is due in part to the complexity of solutions. Cloud Access Security Brokers (CASBs) will help, but they all help in different ways. CASBs have a variety of approaches to Shadow IT that make them hard to compare.
A simple Cloud Monitoring tool can leverage your existing tech investments, and give you the information necessary to figure out the best way to tackle the Shadow IT problem. Discovery is the first step. These questions can help you figure out where to start:
Once you answer these questions, you will have a direction on where to go:
With the visibility to know what is at stake, you can decide if an API-Native approach is best (example – CloudLock) or if a proxy gateway is required. For example, if you find only Salesforce and DropBox in use, you can block everything else and select a vendor like CloudLock or Bitglass to deploy a SaaS / Cloud Native API approach. But, sometimes CISOs are happy just knowing the answer to the first five questions to gain visibility and determine risk. A solution like Cloud Access Monitor from ManagedMethods will allow you to monitor and take steps to control and enforce policy.