Cloud Security, Channel partners

What Is A Cloud Access Security Broker (CASB)?


MSPs increasingly partner with  cloud access security brokers (CASBs) to expand their managed security services portfolio. But what exactly is a CASB?

Simply put, a CASB delivers products and services designed to address security gaps related to cloud services, according to technology research firm Gartner. It provides cloud-specific capabilities not available with web application firewalls (WAFs), secure web gateways (SWGs) and enterprise firewalls, along with centralized policy and governance support for end users and devices across multiple cloud services.

In addition, a CASB often offers products and services across software-as-a-service (SaaS), platform-as-a-service (PaaS) and infrastructure-as-a-service (IaaS) models, Gartner indicated. This allows a CASB to help global organizations maintain user and device visibility and control.

How Do CASBs Support Global Organizations?

CASBs support global organizations in four ways:

  • Compliance: Provide information to help organizations evaluate cloud risks.
  • Data Security: Empower organizations to develop and enforce data-centric security policies.
  • Threat Protection: Stop unauthorized devices, end users and versions of applications from accessing cloud services.
  • Visibility: Offer shadow IT discovery, a consolidated view of an organization's cloud service landscape and details about users who access data in cloud services.

CASB capabilities are frequently delivered as a SaaS application, Gartner indicated. They also may be administered in conjunction with an on-premises virtual or physical appliance.

A Closer Look at the CASB Market

Gartner named the following companies as leaders in its "Magic Quadrant for Cloud Access Security Brokers" for 2018:

  • Bitglass: Offers sensitive data discovery, classification and protection, along with document management and protection.
  • McAfee: Provides data loss protection (DLP), SWGs and network sandboxing. McAfee previously acquired Skyhigh Networks to augmented its CASB portfolio.
  • Netskope: Delivers both cloud application discovery and SaaS security posture assessments, as well as behavior analytics and alerting within managed and unmanaged SaaS applications.
  • SymantecOffers Symantec CloudSOC, a multimode CASB with an optional data encryption and tokenization gateway.

Among 14 CASB startups launched since 2011, nine have been acquired. The "volatility" from these acquisitions has caused confusion among global organizations looking to partner with CASBs, Gartner indicated.

What Does the Future Hold for the CASB Market?

The CASB market has grown significantly over the past few years. Going forward, market vendors are focused on adding security value to their cloud services, according to Gartner.

Sixty percent of large enterprises are expected to use a CASB to govern some cloud services, up from 20 percent today, Gartner pointed out. Furthermore, the CASB market likely will be dominated by full-featured platform providers for the next three to five years.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.