CASB 101:

What is a CASB and Why do I need it?

Here are the Top 20 CASB Use Cases

Data security for the Cloud Generation

McAfee Cloud is a cloud access security broker (CASB) that protects data where it lives today, with a solution that was built natively in the cloud, for the cloud. It’s cloud-native data security.

Detect

Gain complete visibility into data, context, and user behavior across all cloud services, users, and devices.

Protect

Apply persistent protection to sensitive information wherever it goes inside or outside the cloud.

Correct

Take real-time actions deep within cloud services to correct policy violations and stop security threats.

Download Data Sheet

Cloud Access Security Brokers report from

Gartner Magic Quadrant

Download the latest CASB Magic Quadrant that evaluates the Top CASB vendors based on completeness of vision and ability to execute.

Download here

Adventist Health System Enforces Security and HIPAA Compliance Policies Across Office 365

“Skyhigh helps us securely enable high-impact cloud services like Office 365 while ensuring data security and compliance with HIPAA.”

Mark Dunkerley

Senior Manager, IT Architecture, Adventist Health System

Product Showcase for

CASB – Cloud Access Security Brokers

Azure

Audit Azure security and compliance configuration

McAfee continuously monitors and audits the security configuration of all managed and unmanaged Azure subscriptions to reduce risk and ensure compliance with external regulations and internal policies. McAfee uses field-tested industry best practices to suggest corrective measures to harden Azure security settings. McAfee automatically constructs a behavior model with dynamic and continuously updated thresholds for each user and group to identify activity indicative of insider threat.

Learn more

Box

Enforce data loss prevention policies in Box

CASB enforces DLP policies across data at rest and in motion to ensure compliance with regulations and internal policies. Supports DLP rules based on keywords, data identifiers, user groups, and regular expressions. Enforcement actions include coach users, notify administrator, block, encrypt, quarantine, tombstone, and delete. Leverage pre-built industry templates, create custom policies, or leverage policies in an existing on-premises DLP solution.

Learn more

Salesforce

Detect internal and external threats to data in Salesforce

McAfee analyzes user activity in Salesforce across multiple heuristics, detects threats, and automatically takes risk-mitigating action. The built-in threat resolution workflow provides a complete audit trail of all user activity to support forensic investigations. As threats are resolved, McAfee automatically incorporates this data into its behavioral models to improve detection accuracy.

Learn more

Shadow IT

Discover all cloud services in use

McAfee discovers all cloud services in use by employees both on and off-network, including thousands of cloud services uncategorized by firewalls and web proxies. The solution’s usage analytics summarize cloud usage in aggregate and at the department and user level with traffic patterns, access count, and usage trends over time, enabling IT to securely enable cloud services that drive productivity and growth.

Learn more

AWS

Detect internal and external threats to AWS infrastructure

McAfee captures a complete record of all user activity in Amazon Web Services (AWS) across multiple heuristics, detects threats, automatically takes risk-mitigating action, and supports forensic investigations. As threats are resolved, McAfee automatically incorporates this data into its behavioral models to improve detection accuracy. McAfee uses field-tested industry best practices to suggest modifications to configuration settings to tighten security and ensure compliance.

Learn more

Office 365

Prevent unauthorized data from being shared externally

McAfee summarizes all collaboration activities with internal users, external partners, and personal emails along with sharing via anonymous links. Real-time policy enforcement ensures files in Office 365 are shared according to corporate policy. Layer in content rules and enforce remediation actions to remove permissions, downgrade permissions, and revoke links.

Learn more

Key Use Cases

Enforce data loss prevention policies across data in the cloud

Content engine automatically classifies sensitive information and enforces controls to remove or quarantine it in the cloud while also preventing data loss via cloud-based email and messaging.

Prevent unauthorized sharing of sensitive data

Detect granular file and folder permissions, including all owners, editors, and viewers, and enforce collaboration policies in real time by downgrading or removing permissions and revoking links.

Block corporate data sync'ing or downloads to personal devices

Use contextual access information, including device operating system and management status to enforce access policies that prevent the download of sensitive corporate data to untrusted devices.

Detect compromised accounts, insider threats

Leverage machine learning to build behavior models that detect active account compromise and insider threats, and apply signatures and sandboxing to identify malware in the cloud and stop threats.

Audit and tighten the security settings of cloud services

Monitor and audit the security configuration of cloud services and get suggested modifications to improve your security posture based on best practices, such auditing and tightening user permissions.

Additional Resources

What Is a Cloud Access Security Broker (CASB)?

Cloud access security brokers are on-premises or cloud-hosted software that act as a security control point between users and cloud services to enforce security, compliance, and governance policies, and help organizations extend the security controls of their on-premises infrastructure to the cloud.

Which CASB Deployment Mode Is Right for Me?

There are multiple CASB deployment options to secure users and data across mobile, desktop, remote, and on-premises use of cloud services. Gartner recommends that customers consider a multi-mode deployment CASB solution to cover all their use cases across all users, devices, and services.

Click Here