Get Visibility and Control into your SaaS Apps Usage

Deepak kumar Gunjetti
Jun 2 · 2 min read

Enterprises are using different cloud service providers for IaaS, PaaS and SaaS apps to enhance productivity and reduce cost.

Image for post
Image for post

When using Iaas, PaaS or SaaS, Security is a shared responsibility. Cloud Service Provider is responsible for infrastructure security, User is responsible for Securing Access and Data.

How to secure Access and Data across different cloud service providers which are outside your enterprise perimeter?

This is where Cloud Access Security Broker (CASB) comes in. CASB acts as intermediary between users and cloud service providers. CASB helps with,

Visibility

  • Identify usage of sanctioned and un-sanctioned apps by your Employees.
  • Identify usage of Managed and Un-managed devices to access corporate data.
  • Identify who has access to what resource. Get activity logs to identify who did what.
  • Identify cloud services used and find redundancies.

Compliance

  • Ensure compliance to HIPAA or HITECH for health organization, PCI for retail, FINRA for financial services.

Data Security

  • Identify and Classify the Data residing in SaaS applications.
  • Use DLP to identify and redact sensitive data.
  • Identify Data exposed to public. Change access policies to limit exposer.

Threat Protection

  • Scan for malware.
  • Identify compromised accounts.

CASB Deployment Options

API Scanner

CASB can use OAUTH to scan API’s provided by service provider to get resource inventory, access policies and activity logs and provide notification to IT for any usage violations.

Forward Proxy

User connects to CASB and CASB proxies connection to SaaS applications, with this real time DLP can be applied. On corporate managed devices an endpoint agent is installed, which can control access to sanctioned and un-sanctioned applications.

Reverse Proxy

CASB acts as SSO agent. SaaS applications forward connections to CASB for authentication. CASB will use IDaaS used by organization to authenticate user and session is established with CASB in path between user and SaaS application. Reverse Proxy can control access from managed and un-managed devices and provide real time DLP.

Conclusion

CASB provides visibility and control when using IaaS, PaaS, SaaS applications.

If you are interested in complete solution, , i will make detailed proposal.

andcloud.io

Cloud Consulting and Services

Medium is an open platform where 170 million readers come to find insightful and dynamic thinking. Here, expert and undiscovered voices alike dive into the heart of any topic and bring new ideas to the surface.

Follow the writers, publications, and topics that matter to you, and you’ll see them on your homepage and in your inbox.

If you have a story to tell, knowledge to share, or a perspective to offer — welcome home. It’s easy and free to post your thinking on any topic.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store