Was ist Cloud-Sicherheit?
Shared computing has migrated from the data center and moved into the cloud.
Clouds can be accessed from anywhere. Users no longer need to be a computer scientist to use shared resources. Cloud computing is simple and intuitive. Software-defined services manage the orchestration of all the underlying technologies. Interfaces are designed so IT professionals can take quick advantage of their cloud applications. For many businesses, users are productive in a matter of hours or days.
Laden Sie unser eBook herunter. Dieser neue Ansatz für die Vernetzung umfasst eine Reihe von vollständig integrierten, über die Cloud verwalteten Security-Services, die vor Ort oder in der Cloud mit zentral verwalteter Sicherheit bereitgestellt werden. Erfahren Sie, wie Sie:
- Verringerung der Komplexität und des betrieblichen Aufwands
- Benutzerfreundlichkeit / Transparenz für Anwender
- Mehr Sicherheit durch einen Zero-Trust-Netzwerkzugriff
The Cloud Advantage
There are many benefits to adopting a cloud strategy.
- The overall business becomes more agile.
- New products and services are brought to market and generating revenue more quickly.
- Cloud services allow organizations to avoid new internal IT infrastructure costs.
- IT overhead is reduced by 30% because services, infrastructures, and administration are migrated out of the data center and into a self-service cloud model.
- IT professionals can focus on strategic business imperatives and worry less about day-to-day operational issues.
- IT expenses are not rigid and fixed but are usage-based to better mirror rises and falls in business activity.
- QoS (Quality of Service) for remote users and sites is improved because they are closer to their applications and data. Cloud resources scale automatically to maintain predetermined performance and availability requirements.
CASBs monitor activity and enforce security policies for the cloud. They reside in the communication path between remote users and cloud-based applications. Since they must be in the data path, CASBs offered as a cloud-based service is the obvious choice for protecting cloud-based applications.
Most cloud applications are intended to serve a distributed workforce located across several sites, time zones, or continents. These remote users rely on local cloud entry points to ensure QoS levels are met and that their security experience is the same regardless of where they are located. CASB, as a cloud-based service, can reside at these entry points to provide secure access, track user activity, and provide data protection.
A Diverse set of Cybersecurity Capabilities
CASB as a service is invaluable for any organization dependent on cloud services. It provides a diverse set of essential cyber-security capabilities.
Access Control
>Adaptive, secure cloud access control is contextual access control. It inspects not only user credentials but the device, location, operating system, and source of the request, such as another application. It provides holistic and unified access control for all local and remote users.
Cyber Threat Detection
>If a threat, such as malware, is detected from either the user or application, the communication is halted. To help ensure complete security, CASBs can inspect alerts and logs generated by other security devices such as firewalls, secure web gateways, and additional proxy security devices. If properly orchestrated, CASBs can instruct other devices to take action.
DLP (Data Loss Protection)
>CASBs inspect, track, and intercept outgoing communication containing sensitive information such as security credentials, credit card details, or controlled documents. It monitors what is viewed, retrieved, or copied and blocks unauthorized activity.
Outbound Encryption
>Information leaving the cloud application and destined for a client may contain confidential information. CASBs can be configured with policies, including integration with digital rights management, that identifies such data. It will either encrypt the entire data set or use tokenization to scramble the sensitive portion of the content.
Compliance
>CASB solutions can classify data to support compliance and data governance. Data such as those regulated for GDPR and HIPAA compliance can be intercepted and inspected. CASBs help to ensure that only trusted and authorized recipients are receiving governed information.
Application Usage
>CASB solutions track user access, movement, actions, and behavior. The information provides visibility for IT professionals into how applications are used. It makes it easier to determine which applications are useful and gaining interest versus those that should be retired or updated. It’s also valuable to understand if users are accessing applications that are not authorized. CASB also logs details about interactions and the volume of data being exchanged, which helps IT professionals with future planning, cost accounting, and creating new policies.
Adaptive, secure cloud access control is contextual access control. It inspects not only user credentials but the device, location, operating system, and source of the request, such as another application. It provides holistic and unified access control for all local and remote users.
If a threat, such as malware, is detected from either the user or application, the communication is halted. To help ensure complete security, CASBs can inspect alerts and logs generated by other security devices such as firewalls, secure web gateways, and additional proxy security devices. If properly orchestrated, CASBs can instruct other devices to take action.
CASBs inspect, track, and intercept outgoing communication containing sensitive information such as security credentials, credit card details, or controlled documents. It monitors what is viewed, retrieved, or copied and blocks unauthorized activity.
Information leaving the cloud application and destined for a client may contain confidential information. CASBs can be configured with policies, including integration with digital rights management, that identifies such data. It will either encrypt the entire data set or use tokenization to scramble the sensitive portion of the content.
CASB solutions can classify data to support compliance and data governance. Data such as those regulated for GDPR and HIPAA compliance can be intercepted and inspected. CASBs help to ensure that only trusted and authorized recipients are receiving governed information.
CASB solutions track user access, movement, actions, and behavior. The information provides visibility for IT professionals into how applications are used. It makes it easier to determine which applications are useful and gaining interest versus those that should be retired or updated. It’s also valuable to understand if users are accessing applications that are not authorized. CASB also logs details about interactions and the volume of data being exchanged, which helps IT professionals with future planning, cost accounting, and creating new policies.
Adding Enterprise Security to Software-Defined Networks
CASB as a cloud-based service provides a wide variety of valuable cybersecurity capabilities to ensure your cloud environment is well understood, protected, and secure.
Contact our customer advocates and learn about our CASB cloud security services. Learn more about implementing a complete cybersecurity posture with MDR (Managed Detection and Response) or SASE (Secure Access Service Edge).
