Minimal CASB visibility for apps
The reality is organizations use over 2,415 apps and web services requiring cloud access security broker (CASB) policy controls for content and context. The default is to allow or deny for apps and web services with limited risk ratings, a legacy SWG and immature CASB approach without broad app visibility and risk ratings.
Limited data protection
Limited DLP included for web security including exact data match, however, a large library of policy templates, thousands of data identifiers supporting over a 1,500+ file types, plus proximity analysis, similarity matching, ML classifiers and other vital DLP capabilities are not provided.
Policy control complexity
Policy complexity is a known issue for secure web gateway (SWG) solutions designed years ago, even for the SWG MQ leaders over the years. Having more focus on networking and protocols, the cloud shift to users, apps, data, and activity is challenging their legacy design.
Changing SWG critical capabilities
A single console and unified policy for the critical capabilities of SWG, CASB, and DLP is hard to provide when two of the three parts are immature and unproven.
Application risk profiles
Given 53% of web traffic today is app and cloud service-related, providing tens of thousands of app risk profiles for security, privacy, legal, audit, financial, and compliance regulations is not optional, it sets the bar for risk management. Web security without app visibility, user, data, action and risk ratings fall short today.