Most organizations now depend upon cloud services to deliver business-critical applications and this has increased in response to the coronavirus pandemic. This hybrid IT delivery environment gives rise to many challenges in the areas of management, security, and compliance. These challenges arise because cloud services are not well integrated into the normal IT security processes and technologies used by organizations. In addition, the use of cloud services creates additional risks.
Employees and associates use personal cloud services to perform their jobs without reference to their employer. Line of business managers acquire cloud services without performing a risk assessment or considering the impact of these on compliance. The increasing number of laws and regulations relating to the processing of personal data such as GDPR and CCPA add to these challenges. The uncontrolled use of cloud services also increases cyber-risks; the accessibility of cloud services makes it easier for cyber adversaries to steal or corrupt the organizational data held there, as well as to plant malware.
CASBs (Cloud Access Security Brokers) address many of these challenges by providing visibility of use and control over access to cloud services by organizational users. However, while this is important more is needed to cover all the risks. CASB solutions now have evolved to become an essential component of an integrated approach to cloud security. Today’s CASB needs to be deeply integrated with other end user security controls such as anti-malware, DLP (Data Leak Prevention) and network security gateways to provide a complete cloud security solution.
Cloud services themselves now feature extensive capabilities for the customer to use them securely. However, these capabilities are often not used or are not used correctly. The risks associated with organizational use of cloud services often stem from misconfigurations that leave vulnerabilities which can be exploited by cyber adversaries. To counter these risks, CSPM (Cloud Security Posture Management) functionality to detect, report and remediate these is now expected. CASBs have traditionally focussed on controlling user access to SaaS services and the protection of unstructured data. However, IaaS is increasingly being used to deliver business transformation through new and modernised business applications, CSPM is important to manage the risks from this.
In our opinion, the market for a standalone CASB is shrinking and organizations are now looking for CASB as part of a complete cloud security solution. These are expected to include CASB, CSPM, Data and User Protection, SWG (Secure Web Gateways), as well as Zero Trust Network Controls. In our opinion, this market will expand to embrace the hybrid IT delivery model that is now common as well as the security challenges from the growth in edge computing and 5G.
This report focusses on Microsoft Cloud App Security which is part of Microsoft Enterprise Mobility + Security suite.