Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

CASB delivers must-have protection for your SaaS apps

Tom Henderson | Aug. 9, 2016
Cloud Access Security Brokers are products that can be described as firewall plus identity management plus anti-malware plus DLP plus encryption control/implementation plus threat management.

Cloud Access Security Brokers are products that can be described as firewall plus identity management plus anti-malware plus DLP plus encryption control/implementation plus threat management.

CASB products have become increasingly important as enterprises look to extend their on-premises security policies to their cloud-based assets. We looked at three products -- CipherCloud, Bitglass, and Netskope. Each one takes a different, yet ingenious, approach to the task of stopping unauthorized, inappropriate, or uncontrolled cloud asset access and manipulation.

Security brokers require varying degrees of work, we found in our review, but they pay off in important ways. While it’s impossible for us to test all use cases and to scale as high as vendor claims, we were able to get a good feel for both the features of these products and for potential scalability.

  • If you’re part of a huge organization, a multinational, with many users in difficult locales, we’d choose CipherCloud for its sheer depth and the power of its encryption techniques.
  • Bitglass also has interesting features and a lot of control to back up specific popular SaaS apps. Also, Bitglass can watermark files in such a way as to trace exfiltration forensically.
  • Netskope scored the highest in our review, just edging out CipherCloud and Bitglass. It has a complex setup, but widely and deeply covers sanctioned brand-name SaaS sources, using gradients of multi-faceted, bolt-things-down methodology.

Another thing to keep in mind: CASB is a critical security resource, so it requires administration, monitoring, and help desk personnel, along with astute installation. Adopting one is important, but non-trivial.

Here are the individual reviews:

Net results

PRODUCT

Netskope Active Platform

CipherCloud Trust Platform

Bitglass

COMPANY

Netskope

CipherCloud

Bitglass

PRICE

Starts at $8 per user per month for Discovery, $15 per month for the Active Platform. Options such as DLP, Encryption, and Malware Protection are priced separately.

Starts at $2/month to $30/user month + maintenance costs/help desk costs + those that use a gateway with on-premises can be $30-150K depending on complexity.

Breach Discovery + Log analysis, $2/user/mo. Add Mobile-only protection, $5/user/mo. Standard edition (mobile+web+DLP) $10/user/month, Enterprise (includes encryption and specific app control) $30/user/month).

PROS

Detailed platform with very good analytics and administrative tracking; flexible and deep cloud app intelligence, high potential programmability

Extreme encryption flexibility and with it, DLP control for large organizations needing international regulatory compliance

Detailed and broad canned application control, graduated services

CONS

Docs could use work; a la carte pricing and configuration potentially inconvenient

Requires platform dedicated work costs; potential additive cloud app coverage costs

Comparatively less programmability.

CipherCloud Trust Platform

CipherCloud provides a hypervised gateway appliance priced per user. Inside the appliance are three functional components, administrative, security, and connectors specific to managed CASB resources. Pricing, like the other products in this review, is based in gradients of services provided.

 

1  2  3  4  5  6  7  8  9  Next Page 

Sign up for Computerworld eNewsletters.