Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

CASB delivers must-have protection for your SaaS apps

Tom Henderson | Aug. 9, 2016
Cloud Access Security Brokers are products that can be described as firewall plus identity management plus anti-malware plus DLP plus encryption control/implementation plus threat management.

A feature called Skope-IT in the online portal contains the reporting nervous system of the platform. Inside, we could look at application and connection events, as well as the audit and infrastructure logs. Events or conditions needing administrative action were easy to find, and can be sorted by date, user, user location or activity.

Events, alerts, quarantined items, legal holds, malware finds, and incidents (and their severity) can be easily found through sorting, or the results of a query field action. This may be Netskope’s finest “secret sauce”— rapidly usable and obvious administrative action productivity possibilities.

At the top “full meal deal” resource license, we also had access to Netskope’s ongoing research into specific cloud app ratings. There are a vast number of cloud apps (taken from logs) that have ratings applied by Netskope, as part of its audit capability. This list can also be re-rated based on an organization’s re-estimation of the values used, so as to derive a rating based upon the new assessment.

This permits administrative blocks and restrictions to be imposed on access deliberately based upon the ratings then derived to the resource. It’s the source of much pride at Netskope, and we were surprised to see name brand cloud apps rated in the way they were — some highly secure, others we believed to be highly rated, were not. You can drill into the values and decide to change them. If we had a legal department, we might be arguing with them over ratings, and they might win.

Overall, Netskope is an increasingly sophisticated menu, and if you take all of the courses offered by their waiter, think about the architecture and then program it to suit your needs, it’s an excellent CASB dinner, and the check might be hefty at the end.

Summary

CipherCloud represents extreme depth in encryption mechanisms. Netskope has high programmability, and shares with Bitglass, very good administrative controls. Were we to offer a suggestion as to which one is most flexible with the greatest variety of possible cloud app protections, Netskope barely edges its competitors, but out of the box, Bitglass is likely the fastest route to reasonable protection.

Each product is also dependent on third party platforms, such as SSO, external DLP providers, and organizational firewall/IDS/IPS schemes/threat protection to work in concert with each other. Will traditional firewall and security providers subsume CASB, or will the reverse become true? At this point, we don’t offer a guess. In all likelihood, CASB is a category that because it must rapidly evolve to keep up with cloud apps, will likely digest other categories.

How we tested cloud access security brokers

We used server resources at our NOC at Expedient in Indianapolis, consisting of several VMware and Hyper-V servers on HP, Lenovo, and Dell platforms as hosts for gateway VMs described in the review. In turn, we accessed accounts at Salesforce (including some product-sponsored accounts in the cloud in AWS), as well as Office365 and Box to be used as proof-of-concept examples.

 

Previous Page  1  2  3  4  5  6  7  8  9  Next Page 

Sign up for Computerworld eNewsletters.