Cloud App Security

June 1st, 2022
Cloud App Security

Remote work is here to stay. A study found that 1 in 3 Canadians are willing to leave their current jobs in order to continue working remotely. We could go on for quite some time about the numerous advantages and disadvantages of this new paradigm, but today we have a singular focus: Cloud app security.

Cloud apps and remote work

Cloud applications are part and parcel of remote work - without them, it would be impossible to share files, hold online meetings, and conduct other business activities from anywhere in the world.

Microsoft, Google, and other popular cloud SaaS providers know this. They’re also aware of the inherent security risks tied to remote work. As such, they implement a number of security measures to protect valuable files. Chiefly, they backup files on multiple servers - this allows them to ensure access to your files even if one of their own servers is compromised.

This “guarantee” that files will be accessible to stakeholders at any time is the feature that has convinced many holdouts to move to cloud services. Guarantee is, of course, a very strong word - we always recommend backing up your files offline, but that’s a discussion for a different time.

Backups of files are all well and good, but what happens when a user falls victim to a phishing scam? What if third-party add-ons you’re using with your cloud software become compromised? These are problems that most cloud providers don’t have a ready solution for - and that’s where cloud access security brokers or CASBs (pronounced cas-bee) come in.

What is a CASB?

Cloud access security brokers are third parties that create a security layer between users and cloud services. Think of how IT used to work - everyone was on a single secure network, where firewalls, antiviruses, email filters, user access, and other features were standardized. CASBs seek to emulate that security.

They do this by providing features like:

-Attachment sandboxing
-App risk assessment
-Account takeover protection
-Compliance tools like audit trails

Why should I use a CASB?

CASBs regulate what activities users can conduct in given cloud environments. Two advantages of CASBs are that they are both granular and flexible. They’re granular because you can set all kinds of different rules for what’s permissible in given contexts, and they’re flexible because as those contexts change, so can the rulesets.

For example, you may have a user who normally has unlimited access to files in a cloud environment. However, if the CASB finds that the user is on an unsecured network, the rules you’ve put in place can automatically change that user’s permissions to restrict access to important files.

CASBs also provide a record of all cloud interactions, allowing you to see who accessed a given file, when they accessed it, and where they accessed it from. They’ll also provide risk scores to help you understand the safety of a given cloud environment, and they’ll limit access to suspicious files.

Most high-quality CASBs can also integrate directly with the API of cloud service providers like Office 365, G-Suite, and Dropbox. This improves user experience by reducing latency.

You should use a CASB if your company has a lot of remote workers who are using cloud software - they provide a level of security that can’t be replicated by simply adding more security protocols to your in-office network.

Call Constant C for cloud app security

We’re here to help companies adjust to the reality of remote work, from helping them set up VPNs to providing CASB and other IT services in Manitoba. Improve the speed and security of your remote network - get in touch with us today!