Privacy and information security have been on everyone’s lips for many years and are gaining importance with the increasing use of cloud services, especially in corporate IT. In the past, almost all companies have addressed the requirements triangle of “Confidentiality”, “Integrity” and “Availability” by using central, technical solutions that protect and seal off information and other IT assets (firewalls, VPNs, …).

Often, however, this has been and is at the expense of the IT benefit for the end user and leads to the measures being “creatively circumvented”. Public cloud services offer business the necessary functional flexibility in an agile and competitive environment. They can be used on almost any device, regardless of location. At the same time, they elude the established control mechanisms of a central corporate IT system. A new shadow IT is created.

So how can companies continue to ensure that IT governance is enforced?
How can the partly legally binding compliance requirements be fulfilled?

For some years now, various providers have been developing software solutions that address precisely these challenges. Gartner has coined the term “Cloud Access Security Brokers (CASBs)” for this. These are solutions that can be operated in one’s own infrastructure or even in the cloud and whose functionality is divided into four pillars according to Gartner:

  • “Visibility”:
    Transparency about which cloud services are used by which users and which data are affected.
  • “Compliance”
    Monitoring of data content in the cloud to identify regulated data (data protection).
  • “Data Security”
    Ensuring suitable encryption and decryption, for example when a user leaves the system.
  • “Threat Protection”
    Detection of misuse when accessing data and services.

CASBs are architecturally positioned between the user and the cloud services. For example, they integrate existing single sign-on solutions or PKI infrastructures and act as a proxy between the user and the cloud services. However, this also makes it clear that CASBs alone cannot deliver their benefits without the integration of existing or additional security solutions.

How important the bridge function of CASBs is is also shown by the fact that many large cloud or security providers have already built up their own solutions (e.g. IBM Cloud Security) or purchased them (e.g. Microsoft with Adallom).

We at LionGate can only underline the importance of suitable, cloud-compatible security solutions. Surveys show again and again that security concerns are one of the biggest obstacles to the introduction of cloud services in companies. Technologies such as the CASBs are a promising approach to removing these barriers and advancing digital transformation in enterprises.
Contact us to learn how LionGate can help you implement appropriate strategies and solutions.