With Netskope, you can safely enable the apps you sanction, and the ones you don’t.
Netskope enables you to find, understand, and secure cloud apps in real-time and across any app. Our granular policies let you shape activities, not block apps. That’s how cloud security solutions should work.
With Netskope you can eliminate the catch-22 between going fast and being secure.Get the White Paper
What to look for in a Cloud Security Broker solution
At Netskope we recognize that choosing a cloud service broker (CASB) is a serious decision for your organization. As an IT or information security professional, you’re responsible for the cloud security services and that means that avoiding and mitigating unnecessary risks. We also recognize that your choice in cloud based security services involves more than just security and that it means you’re helping to enable your business.
The cloud apps people are using let them go fast. Today more than ever, they find it easy to procure and deploy secure cloud solutions without permission (or even help) from IT. Shadow IT represents more than 90 percent of cloud apps in the enterprise, and many of these apps are considered important by lines of business. According to a 2014 Ponemon Study entitled “Data Breach: The Cloud Multiplier Effect,” IT and IT security professionals estimate that that 36 percent of business-critical cloud apps are now in the cloud but believe that they don’t have visibility into nearly half of them. Shadow IT can be a significant source of cloud security risk. That risk can take the form of users accessing vulnerable apps, admins not curtailing cloud app access for departed employees, users uploading sensitive content to unsanctioned apps, users exposing sensitive data via cloud sharing, and more. And since so much of cloud app usage is shadow, it’s hard for IT to understand and mitigate this risk.
Beyond getting control over the apps you don’t know about, you need to secure data and govern usage of the cloud apps that you do sanction. These include apps like Salesforce, Box, Dropbox, the Google Apps for Work suite, the Microsoft Office 365 suite, and more. As your users adopt and increasingly rely on these apps, you need to ensure that they’re using them in a compliant manner. With cloud based security, you can make sure that the right people have access, monitor usage for non-compliant activities, and protect your organization’s most sensitive data within, or en route to or from, those apps. This means discovering sensitive data like payment card information (PCI), personally-identifiable information (PII), protected health information (PHI), source code, and other confidential information within your corporate apps and then taking action. That action can be revoking access, encrypting, changing permissions, or enabling workflows like quarantining files for later review or downloading a copy of them for legal hold in the case of a legal or regulatory review.
At the intersection of sanctioned and unsanctioned cloud apps are cloud app ecosystems. According to Netskope research, Cloud App Ecosystems: Why They Should Matter to You, organizations can have dozens of ecosystems apps for a major “anchor tenant” app like Box or Salesforce. Moreover, these ecosystems are responsible for a significant portion of activity in an enterprise’s cloud. According to the report, more than one-third of all cloud app sessions are in the ecosystems of four apps and 44 percent of all data loss prevention (DLP) policy violations happen in the Salesforce ecosystem alone. The important thing to remember is that any app in the orbit of one of your corporate sanctioned apps can share your business data with that app. Since most cloud apps are unknown to IT and lack basic enterprise security features, those ecosystem apps can pose risk of data exposure or leakage if left unchecked. Cloud security services should help you find those apps, understand usage within them, and secure data in them just as you would in your “anchor tenants.” And they should enable you to do it in context, in real-time, across any app, on any device, and no matter where your users happen to be – on-premises or remote.
When choosing cloud security services, ensure that you can find all of the enterprise cloud apps in use in your organization, understand how they’re being used, and then secure them with policies that govern what people can do within them. By providing granular controls that work in context, you can shape activities rather than block apps. This completely changes the conversation you can have with your business stakeholders and the value your organization can have in safely enabling the cloud.
Whether you’re discovering and getting control over shadow IT, safely enabling a sanctioned app or suite, or securing cloud app ecosystems at the intersection of the two, we hope you’ll give Netskope a serious look.