In a blog published in January (Visibility in the Cloud and the Role of the CASB), I discuss the growing interest expressed by our enterprise clients in cloud access security brokers (CASBs). Throughout our discussions with these clients there has been a consistent theme: Enterprises are excited about the potential of CASBs but have many questions about their practicality.
In response to these questions, the NSS Labs Enterprise Architecture Research Group (EARG) launched the 2018 Cloud Access Security Broker Study in January. This study aims to provide enterprises with the information they need to enact defendable CASB purchases by addressing the following concerns:
- How well do currently available CASB products address my organization’s functional requirements?
- The operational characteristics of a product do matter, so how can my organization gain insight into these characteristics prior to purchase?
- Which deployment architectures best suit my organization, and what dependencies exist?
- What else do I need to know about CASBs that no one is telling me?
The data accrued through our research will inform a number of documents that can be leveraged by enterprises prior to purchasing CASBs. The first of these is part one of a product selection series, entitled Cloud Access Security Broker Product Selection Series (PSS) – Part 1: Strategic Guidance.
CASB Product Selection Series – Part 1: Strategic Guidance
As enterprise consumption of cloud-based applications and services continues, the CASB is becoming a “must-have” rather than a “nice-to-have.” In a recent NSS survey, 87.9% of participants indicated that their organizations utilize a technology they consider a CASB; this is a 27.2% increase compared to the results of an NSS survey in 2017.
Unfortunately, evaluating and deploying a CASB is no small task. In fact, many of the cybersecurity veterans we spoke with consider the selection (and implementation) of a CASB to be the most challenging purchasing decision their organization has made. Insights we gained from these professionals during the initial phase of the 2018 CASB Study are included in Part 1 of the CASB PSS.
Want to Contribute?
Is your organization considering purchasing a CASB? Has your organization already deployed one of these products? If so, we’d love to discuss challenges you’ve faced or overcome. The feedback you provide will continue to bolster our research and provide your peers with the information they need to successfully evaluate, deploy, and manage a CASB. Email us at firstname.lastname@example.org.
John Whetstone leads research focused on cloud and data center security technologies for the NSS Labs Enterprise Architecture Research Group (EARG), whose charter is to help enterprises solve security challenges. He has worked with enterprise cybersecurity products for more than 15 years and has held roles in the IT security industry that include administration, analysis, architecture, and engineering.
NSS Labs’ CASB Product Selection Series – Part 1: Strategic Guidance is now available. Continue to follow along with the EARG as we explore the common use cases for the CASB and examine many of the most popular CASBs.
Follow us on Twitter (@NSSLabs) to keep informed as new research is released.