Zero Trust CASB+ Adaptive Access Controls
Enterprises are rapidly migrating to the cloud, marrying their business operations with the speed, agility and accessibility provided by the cloud applications. By 2020, more than 80% of the enterprise workload will reside in SaaS and IaaS, amplifying the user base, applications and data hosted in the cloud. This raises the following major security concerns:
- How would you manage the increasing number of users connecting to multiple cloud apps? How would you ensure their identity and authenticity? How do you know if your users pose a risk?
- Are the basic security controls enabled by cloud service providers enough to protect your data in the cloud? How would you keep a check on the data being shared across untrusted and risky cloud apps?
- Can your security investments ensure instantaneous risk identification and mitigation?
Cloud applications are interfacing and collaborating with other applications and services for seamless and real-time information exchange. Applications are becoming more intelligent, they are becoming smart applications. So your cloud security controls need to be equally as smart and adaptive to ensure end-to-end protection of users accessing data, sensitive data that resides in the cloud, and data moving into or out of the cloud. How do you solve for possible risky users or applications accessing sensitive data in the cloud?
CipherCloud CASB+ Adaptive Access Control (AAC) performs continuous risk assessment of users connecting from any location or device, to cloud applications, enabling contextual access and protecting the end-to-end user journey with a zero-trust data security approach. CASB+ AAC monitors the user behavior and tweaks the access privileges in real-time, securing every user action from login to logoff, hence elevating trust while mitigating the risks. Following is an overview of how CASB+ AAC enables secure cloud data access:
- Verify user identity during login, in conjunction with an IAM solution, such as Ping or Okta.
- Apply contextual Data Loss Prevention (DLP) policy for accessing data in the cloud. The context includes user location, user group, device type, IP Address, etc.
- Implement User and Entity Behavior Analytics (UEBA) to continuously assess user risk based on activity and enable deep application intelligence for real-time risk mitigation, such as step-up authentication or session termination, based on detected anomalies.
Gartner recently released the 2019 Magic Quadrant Critical Capabilities report for CASB, and CipherCloud has received the highest rankings for product capabilities, specifically for UEBA and Enterprise Integrations. Two technologies that are at the heart of Adaptive Access Control. Download the report today to learn more about the CASB trends, key use cases and CipherCloud CASB offerings.
Watch this demo to learn about the popular CASB+ Adaptive Access Controls use cases, that includes:
- Preventing accidental Office 365 email forwards to external collaborators.
- Denying data access or downloads from blacklisted locations
- Limiting access privileges based on user risk scores
The post Zero Trust CASB+ Adaptive Access Controls appeared first on CipherCloud.
*** This is a Security Bloggers Network syndicated blog from CipherCloud authored by CipherCloud. Read the original post at: https://www.ciphercloud.com/zero-trust-casb-adaptive-access-controls/
