The Most Critical CASB Use Cases in the Market Today: Monitor or control advanced and cross-service activities

Netskope
December 22, 2016 By Jamie Barnett

“Sanction one cloud service and block the rest” has finally been relegated to the junk heap of cloud security strategies as enterprises move past log-based discovery for their end-all cloud access security broker (CASB) project. Enterprise IT is savvier than ever today about cloud usage and realizes that cloud – and users – just don’t work that way! They know that their organization’s most popular cloud services are part of an intricate, interconnected solution ecosystem, and their users are increasingly taking advantage of advanced capabilities and cross-service integrations.

This has led to the revelation that some CASB architectures are better-suited than others to the way users work in the cloud today. CASB vendors that try to shoehorn customers into an API-only or reverse proxy-only architectural choice (because that’s all they offer) are not only misleading their customers, but not actually solving the problem.

Netskope customers have deployed Netskope’s ALL-MODE architecture (with more than three-quarters of them going beyond a single mode) to achieve their most critical use cases. We have noted 15 of these use cases in our recent e-book, The 15 Critical CASB Use Cases, and we’re highlighting them and more (and we want to hear from you too!) in this blog.  

Here’s use case #7: Monitor or control advanced and cross-service activities.

As users become more sophisticated in their cloud usage – and cloud services themselves offer increasingly advanced capabilities and integrated cross-service solutions, enterprise IT must keep up with this more advanced usage from a security standpoint. It turns out that if organizations want to govern not just simple cloud service activities like “login,” but more advanced usage ones such as “edit in” Box or “save to” Dropbox, cloud security architecture matters.   

How can CASB help? A CASB sits in between the user and the cloud service provider and can monitor and enforce policy on those advanced activities whether they are in-app or across-apps. To achieve this use case, the organization needs to deploy the CASB in an inline, forward proxy mode for real-time activity-level monitoring and policy control. Here are four critical functional requirements that are also needed to achieve this use case:

  • Be aware of context, e.g., activities such as “edit” and “save”
  • See and control usage in both sanctioned and unsanctioned services
  • Identify and control integration with ecosystem services
  • Decrypt SSL and decode the API to understand the transaction (for forward proxy)

How are you monitoring and controlling advanced and cross-service activities like “edit in” and “save to?” We want to hear from you.

Learn more about this and 14 additional most impactful use cases by downloading The 15 Critical CASB Use Cases.