Over the past several months we’ve been talking about the Critical CASB Use Cases — there are 15 of these that we highlight, ranging from the management of unsanctioned versions of sanctioned cloud services to the control of managed vs. unmanaged device access to Microsoft Office 365. Worthy of a deeper dive are the various use cases found in the usage of Infrastructure as a Service (IaaS) platforms that require a CASB. By now, many of us know that it’s quite important to include services like Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure when assessing the risk of cloud service usage within the enterprise. This is validated by the many organizations who have recognized that they need to protect the critical workloads running in these services as well as the sensitive data residing in them. This has made the visibility and control of IaaS platforms one of the hotter topics for us so far this year and it’s gratifying to see increasing customer interest in securing IaaS platforms. As many folks know, here at Netskope we have been working steadily to expand our coverage of these services since we delivered the CASB industry’s first real-time, inline connectors for Amazon Web Services and Microsoft Azure way back in 2014. Today, Netskope provides both real-time, inline visibility and control of IaaS usage as well as API-based introspection across a range of IaaS platforms.
Here are some of the ways that organizations use Netskope to secure their IaaS platforms:
Granular visibility and activity-level control of IaaS usage
Many of our customers choose Netskope to better understand their IaaS usage and define granular policies to address any risky activities in IaaS platforms. Frequently, our customers have multiple instances of an IaaS platform running in their organization (e.g. for dev, QA and production or for different lines of business) and take advantage of Netskope’s unique ability to tailor different policies for each IaaS instance. Within a specific IaaS instance, they are creating granular policies for specific activities. For example, alert on the creation of a new VM instance within AWS, or block the reboot activity for a production workload in Azure. In AWS Identity and Access Management, they are able to restrict an AWS admin from creating new policies or modifying admin permissions.
Detailed IaaS audit logs for reporting and forensics
Some organizations want to maintain detailed audit logs of their IaaS usage for reporting and forensics purposes. For example, a Fortune 100 retailer is using Netskope API introspection for Google Cloud Platform to monitor all users and activities in GCP and they use Netskope to make sure that ex