Cloud Security Brokers: An MSP’s New Best Friend?
Attend any big industry conclave about the changing nature of cloud computing and it’s hard to escape the chatter around the importance of cloud access security brokers.
The emergence of CASBs, as they are known, couldn’t be more perfectly timed. Here’s why.
In the last year or two, IT departments have struggled to blunt a nascent tendency among many employees who decide on their own to use unsupported hardware and software on their corporate networks. Nobody asks permission. They just do it. That violates corporate policy and can constitute grounds for immediate termination.
But corporate security managers still seem powerless to root out the practice, popularly known by the umbrella term “shadow IT.” Statistics vary, but published reports estimate that the typical firm now has on the order of 15 to 22 times more cloud applications running in the workplace than have been authorized by the CIO.
I’m Only Trying to Help
Employees are obviously not supposed to unilaterally decide what hardware and software they can use at the workplace. But going behind IT’s back to deploy products is really nothing new. As more cutting-edge technologies enter the mainstream, blurring the lines between personal and business tech, it’s often the case that consumers start using the latest hot device before before they become widespread in businesses.
For instance, after desktop publishing was invented in the 1980s, enterprises were slow to embrace the technology. So employees would sneak systems into their companies to prove DTP’s worth to their managers before officially requesting IT requisitions.
The same ostensible goal applies with shadow IT, where employees believe they are working to help improve departmental efficiency and see nothing wrong with it if they can speed up the acquisition process and get products that make their jobs easier. What’s more, they can point to case studies offering evidence that shadow IT actually encourages employee innovation and increases productivity.
When cloud computing first came into vogue, employees felt they had to go to IT. But familiarity may breeds laxness, and it’s no longer extraordinary to find a sales branch going off on its own when it wants to store its contract in DropBox or decides that it likes a cool CRM cloud tool. They are just repeating what they do at home with their personal technologies. If it works there, why can’t it do the same at the office?
But security isn’t something that companies can afford to worry about later. If IT has no idea what’s being used in connection with the corporate cloud, that opens a veritable Pandora’s Box of troubles.
For instance, if employees decide on their own to store corporate information in personal DropBox accounts–a practice that goes on all the time–it raises potentially sticky compliance questions and increases a company’s overall risk profile. If IT is unable to vouch for the security protections offered by unauthorized third-party suppliers, it’s basically playing Russian Roulette with the security of the company cloud.
IT Ain’t What It Once Was
IT departments may have assumed they didn’t have a “cloud” problem, but you can’t stop something that you don’t know is going on.
That’s where CASBs can fill the void–by offering a combination of APIs and traffic inspection technology to detect any employee misuse of cloud resources. The CASB platform resides between the cloud service and the enterprise, playing the role of gatekeeper to verify that cloud apps are being properly used.
At the same time, CASB systems generate more accurate usage profiles, so the CIO now knows exactly what his or her employees are doing with their data when they access the corporate cloud.
This also reflects another long-running trend with the enterprise: IT no longer exerts the control that it once did, and that trend is only going to get more pronounced. That means companies need to consider alternative ways to introduce a sense of tech discipline or suffer the use of unsanctioned products with all that entails. Too many individuals and groups are ready to move faster than their employers. And, when it comes to the cloud, that can be bad news indeed.
This content is underwritten by VMware — and is editorially independent. It is produced in accordance with conventional standards of business journalism.
Charles Cooper is an award-winning freelance author who writes about business and technology. During his 30-plus year career, he has worked as an executive editor at several leading tech publications including CNET, ZDNet, PC Week and Computer Shopper.