Proofpoint Cloud Access Security Broker
Protect data in the cloud
Why you need CASB
Security and compliance concerns with cloud apps and services are pushing more and more enterprises to implement CASB solutions. These include:
Shadow IT” and the proliferation of third-party apps
- When CASBs first came on the scene, enterprises deployed them primarily to curb “Shadow IT” (cloud apps and services used without the explicit approval of IT). Now enterprises also face the challenge of governing hundreds and sometimes thousands of third-party apps and scripts with OAuth permissions (which use tokens instead of passwords) to access enterprise data. These third-party apps add more features to Office 365, G Suite, Box, and other platforms. But some are poorly built or overtly malicious. And, once an OAuth token is authorized, access continues until it’s revoked. After auditing each cloud app for its security controls, such as certifications, and other risks, such as broad data permissions, IT teams can make educated decisions on access controls for risky cloud apps and can promote the use of “safe” cloud services.
Cloud account compromise
- Apps and data in the cloud are often accessed by cybercriminals through compromised cloud accounts. Proofpoint recently analyzed more than 100,000 unauthorized logins across millions of monitored cloud accounts and found that 90% of tenants are targeted by cyber attacks. Sixty percent of tenants have at least one compromised account in their environment. These typically begin with brute-force attacks – where threat actors submit multiple user names or passwords in an attempt to guess user credentials correctly so they can access an account. Another method is credential phishing, where they try to get users to part with their passwords through socially engineered emails. Once they have the credentials, attackers then leverage these cloud accounts to pose as legitimate users in order to get employees to wire funds to them or release corporate data. Threat actors also hijack email accounts to distribute spam and phishing emails.
Loss of intellectual property
- The risk of losing trade secrets, engineering designs and other corporate-sensitive data is very real when employees use cloud-based collaboration or messaging tools to share files and information. Employee negligence or lack of training can result in oversharing of files via public links that can be accessed by anyone. Insider threats are also common. A common example is theft of customer sales records from CRM services by sales personnel who plan on leaving the company. Enterprises can increase visibility to data handling in the cloud and improve data security by employing user-centric policies to control access to cloud services and data via CASB solutions.
Stricter regulations and bigger fines
- Organizations in virtually all sectors are finding that maintaining compliance has become a daunting task. Many regulations and industry mandates now require you to know where your data is and how it’s shared in the cloud. Violations of recent data privacy and residency regulations can result in hefty fines. For example, violators of GDPR can be fined up to 4% of worldwide annual revenue. CASBs can lighten the compliance burden and spare you the headaches at audit time.
Visibility into cloud usage
- Whether it’s to protect data or obtain insights into the ways cloud services are used, a CASB provides the visibility needed for security and future scaling. A CASB can help organizations plan for future resources so that performance is always maintained. It also helps administrators review threat activities and provision security resources to mitigate attacks.