4 Ways CASBs Differ from Cloud DLP
What is a CASB?
CASB stands for cloud access security broker. It’s a type of security platform that sits between an enterprise network and a cloud provider’s infrastructure, allowing for the monitoring and remediation of incidents that occur between the network layer and the cloud. “Before the CASB era, enterprise security managers had no visibility into how all their data was protected,” explains CSO Online. “As cloud computing took off, enterprises needed a way to deliver consistent security across multiple clouds and [protect] everyone using their data. CASBs arrived to help give organizations much deeper visibility into cloud and software-as-a-service (SaaS) usage — down to individual file names and data elements.” CASBs offered an early solution to enterprises looking to protect data as it moves to and from unsecured devices, but today’s CASBs do not provide the same holistic solution they once promised.
4 ways CASBs differ from cloud DLP
CASBs are often conflated with cloud data loss prevention services like Nightfall. Historically, CASBs worked well when an enterprise was able to control and secure every point through which data could be transferred. All it took was adding a CASB to secure the corporate desktop and corporate email to be assured that data would be safe. However, because so many of us are working from home and accessing work data on multiple devices, cloud DLP is augmenting – and sometimes replacing – the efficacy of CASBs. Cloud DLP can fill in where CASBs fall short. Cloud DLP solutions like Nightfall connect with cloud applications through APIs, giving application-layer visibility to security teams who need to remediate data security incidents in the cloud. We’ll use Nightfall as a point of comparison to demonstrate how cloud DLP is different from CASBs across four categories.
Layer of visibility
A cloud access security broker offers IT professionals limited visibility into their system security. CASBs typically sit between the enterprise network and the application layer of SaaS and IaaS platforms. This means that while you can observe and remediate data incidents between these layers, threat visibility and risk management generally do not extend within these services. Any personally identifiable information (PII) shared within Slack, for instance, would not be protected by a CASB. There are some exceptions though, with some CASBs providing some cloud visibility through a virtual appliance connecting to cloud services. Compare this limited visibility to Nightfall, which uses APIs to integrate at the application level of popular SaaS and IaaS services: Slack, GitHub, Atlassian, and AWS. This type of integration gives IT professionals the enhanced capability to detect, classify, and protect data within these services.
Scope of detection
Not every CASB is created equal: CASBs can vary in the scope of what they’re capable of detecting, depending on whether they are deployed on-premises or as virtual appliances sitting between cloud services. Traditional on-premises CASB deployments can only detect network layer information such as file sizes, upload/download speed, etc. While some CASB deployments allow for limited visibility into cloud applications, they don’t universally leverage machine learning to classify and detect data in the cloud. Nightfall’s cloud DLP service uses 100+ machine learning detectors to identify common types of PII, such as credentials, keys, and other sensitive data. Nightfall’s detectors can identify these as text strings within code or applications directly using context or within various file types (images, PDFs, CSVs, etc.). And, unlike legacy DLP methods, Nightfall considers the context surrounding a given token in order to accurately classify it. This means Nightfall performs well on unstructured and ambiguous data, which is increasingly common in enterprises today.
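To make the idea of classifying a token by its surrounding context concrete, here is an added example (not Nightfall's detector and not code from the original page) that inspects message content and labels key-like strings using character entropy plus nearby words. The patterns, thresholds, verdict names and sample messages are all assumptions constructed for illustration.

```python
import math
import re

# All patterns and thresholds below are assumptions chosen for illustration.
CANDIDATE = re.compile(r"[A-Za-z0-9+/_\-]{20,}")   # long key-like runs
CRED_HINTS = re.compile(r"\b(api[_ -]?key|secret|token|password|credential)s?\b", re.I)
BENIGN_HINTS = re.compile(r"\b(commit|sha|checksum|hash|uuid)\b", re.I)
WINDOW = 40        # characters of surrounding text inspected on each side
MIN_ENTROPY = 3.5  # bits per character below which a run is treated as filler


def shannon_entropy(s):
    """Bits per character of the string's own character distribution."""
    return -sum(s.count(c) / len(s) * math.log2(s.count(c) / len(s)) for c in set(s))


def classify(text):
    """Return (token, verdict) for every key-like run found in text."""
    findings = []
    for m in CANDIDATE.finditer(text):
        context = text[max(0, m.start() - WINDOW):m.start()] + " " + text[m.end():m.end() + WINDOW]
        if shannon_entropy(m.group()) < MIN_ENTROPY:
            verdict = "ignore"              # padding, placeholders, repeated chars
        elif CRED_HINTS.search(context):
            verdict = "likely_credential"   # nearby words say it is a secret
        elif BENIGN_HINTS.search(context):
            verdict = "likely_benign"       # nearby words say it is an identifier
        else:
            verdict = "needs_review"        # random-looking but unexplained
        findings.append((m.group(), verdict))
    return findings


# Constructed sample messages; the token values are made up.
HEX = "9f2c4e7a1b3d5f6a8c0e2b4d6f8a1c3e5b7d9f0a"
SAMPLES = [
    "deployed commit " + HEX + " to prod",
    "rotate this secret now " + HEX,
    "staging api_key: q7Zx2LmP9vKd4TfW8hBn3RcY6sJe",
    "password field placeholder: xxxxxxxxxxxxxxxxxxxxxxxx",
    "see attachment " + HEX,
]

if __name__ == "__main__":
    for msg in SAMPLES:
        print(classify(msg))
```

The same 40-character hex string gets three different verdicts depending only on the words around it, which a network-layer view limited to file sizes and transfer speeds cannot distinguish.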
Ease of implementation
There’s a fair amount of technical know-how needed to properly get a CASB up and running. CASBs have multiple deployment models, depending on the type of CASB and specific use case involved, and most CASBs have to be set up by network administrators who thoroughly understand an organization’s data policy – otherwise, you risk misconfiguring the CASB and negating some of its potential usefulness as a security tool. Nightfall is lightweight and an easy lift in terms of getting set up and ready to go. Nightfall integrates with cloud services and infrastructure in seconds through API connectors. Its plug-and-play nature means nearly anyone can set it up without hassle. “Nightfall saves us many hours of development by working across all our projects with minimal time spent on configuration,” reported a representative from Calgary Public Library, one of Nightfall’s clients.
Options for remediation
Because configurations can vary, organizations might need multiple instances of a single CASB or multiple CASBs to comprehensively address their data policy needs. IT security teams that are seeking a complete security system may have trouble finding that in just one CASB agreement. “To provide a full complement of CASB services, many major CASBs have at some point acquired a product or company that they bundle with their other previously existing products. They may also partner with external companies to offer additional services,” writes one expert. Adding these different elements can create a logistical nightmare for enterprise security teams. Compare this to Nightfall, an easy solution that provides a single pane of glass to secure your SaaS and IaaS stack. From a single dashboard, you can view incident analytics as well as create automated notifications and deletion workflows to manage your cloud security. Whereas CASBs will only cover your new data, Nightfall can sync with your tech stack to scan and protect historical data. For instance, Nightfall DLP for GitHub, a GitHub repository scanner, gives entire teams a way to scan any data within your repositories. For individual developers, the Nightfall DLP GitHub Action provides detectors that can be set to scan code before a pull request is merged. This pre-merge scanning process can also be automated through GitHub workflows, giving you coverage on all your historical data as it exists today in GitHub and proactive protection going forward. Learn more about Nightfall’s cloud DLP capabilities by scheduling a call with one of our experts at the link below.