What is Cloud Access Security Broker?

Cloud Access Security Broker (CASB) is understood simply as the middleware supporting security for cloud applications. CASB can be software or services that stand between the on-premise system of the enterprise and the cloud infrastructure of the cloud service providers. The CASB acts as a deadlock guard that helps businesses enforce security policies beyond the network infrastructure and systems they manage.

Usually, CASB has the main functions:

  • Firewall: Detect and prevent malware from entering the network.
  • Authentication: Identifies users and ensures they are only allowed access to the right resources.
  • Web Application Firewall (WAF): Stops malware designed to infiltrate at the application level, rather than at the network level.
  • Data loss prevention (DLP): Control users sharing sensitive data outdoors.

and a host of other advanced features like encryption, one-stop authentication, behavioral analysis, and more.


How does the Cloud Access Security Broker work?

CASB controls the link between the enterprise on-premise system or employee device and the cloud infrastructure of the cloud service providers and enforces the enterprise security policies.

CASB’s importance stems from its interoperability with cloud applications, which is especially important for businesses that are governed by international law and standards.

CASB automatically scans and identifies the cloud applications in use and determines the risk of these applications, the user risk and some other risks. CASB can perform various access control tasks such as encryption and device configuration. CASB can also perform a number of other features such as credential mapping in cases where one-stop authentication is not available.

Cloud Access Security Broker

Cloud Access Security Broker Applications:

CASB was developed to integrate or work in tandem with other security solutions. CASB is especially useful in organizations with outsourced IT operations, or whose policies allow executive units to purchase and manage their own cloud resources. The data that CASB collects may be used for reasons other than security, such as monitoring cloud service usage for budgeting purposes.



vendor forcepoint