IT leaders are responsible for maintaining security, but due to the explosion of cloud apps in business, they have less and less control over the security risks that they face. This lack of control and visibility with unsanctioned cloud apps creates Shadow IT. Shadow IT is a huge challenge for IT leaders because it isn’t addressed through existing security solutions. Firewalls, Secure Web Gateways, and Web Filters are not designed for today’s cloud access security. So what’s an IT leader to do?
Define an objective
To help businesses monitor and control Shadow IT, Cloud Access Security Brokers (CASBs) interject security controls by brokering access to a cloud service. Having one control point for cloud app security is what businesses want, but there are a variety of ways to broker that security.
Since there is no go-to solution that is appropriate for every business, IT leaders need to prioritize what they need by defining an objective and working backward. With an objective, the features and tactics necessary are easier to identify. Each provider will have strengths and weaknesses with the following features:
- Discovery and risk rating of cloud services: automatically discovers all cloud services in use across the company with a risk rating of each service
- Encryption and tokenization: the ability to encrypt data before it leaves the organization to the cloud using enterprise-controlled encryption keys
- Access control: limiting access to cloud services based on the context of a user, device, or location
- Data loss prevention: enforce DLP policies for data moving to the cloud, with optional integration to on-premise DLP solutions
- Authentication: integration with identity verification services via common standards such as SAML
- Logging and auditing: audit trail of all actions performed in a cloud service to prove compliance and investigate potential breaches
- Alerting: ability to alert administrators to potential data leaks, security breaches, or other risks
For many businesses, going this far might be getting ahead of ourselves. Let’s take a step back:
No objective? Start here
If you aren’t sure what you need, don’t fret. Finding a solution is pretty tough when you haven’t even defined the problem. Since there are numerous factors to consider, most business’ first objective should be getting a clear picture of the risks. Cloud Access Monitoring is an easy and affordable way to shed a light on Shadow IT without making any major commitments. With Cloud Access Monitoring, businesses can understand their risks, prioritize and take reasonable steps towards addressing each one.
To see how Cloud Access Monitoring can give you a clear picture of your organization’s risks, watch our brief Product Tour video.