SASE and CASB in the Cloud-First Era

Jun 26, 2024

SASE and CASB in the Cloud-First Era

Overview

  • Presenter: Steve Murphy, VP at ARG (opinions are his own)
  • Focus: Security in a post-COVID cloud-first environment

Introduction to SASE

  • SASE (Secure Access Service Edge): Ensures secure work posture regardless of location, device, or network access.
  • *Two Main Categories of SASE:
    • Network as a Service: Carrier services, SD-WAN, managed access
    • Security as a Service: Cloud-based firewall services, secure web gateways (SWGs), cloud access security brokers (CASBs), zero trust networking
  • Focus on CASB: Fundamental for building a SASE strategy

Why a CASB is Necessary

  • Cloud-First Environment: Organizations moving services to the cloud, leaving firewalls less significant
  • Cloud Benefits: Direct cloud access improves efficiency and user experience, helps with data governance and compliance
  • Unique Cloud Risks: End-user behavior, potential security exploits in cloud services
  • Personal vs. Business Activities: Potential risks from intermixing personal and business activities in cloud access

How CASB Works

  • Intermediary Role: CASB acts as a bridge between cloud environments and users
  • Supported Environments: Platform as a Service (PaaS), Infrastructure as a Service (IaaS), Software as a Service (SaaS)
  • *Key Pillars of CASB:
    • Access control
    • Data protection
    • Threat protection
    • Visibility and policy management

CASB Deployment Models

  1. API Deployment Model: Custom code between CASB and applications
    • *Drawbacks:
      • Not real-time (out-of-band signaling)
      • May require custom development
  2. Agent-Based Deployment Model: Agent on managed endpoints
  3. Agentless Deployment Model: Reverse proxy for non-managed devices (home computers, mobile devices)
    • Compliance Considerations: Avoids violating confidentiality/privacy regulations

Benefits of CASB

  • Access Control: Manages how users access cloud environments and sets specific policies
  • Visibility: Tracks who accesses information, where, and the security posture at the time of access
  • Data Control: Regulates copying, downloading, uploading, and deletion of data
  • Behavioral Monitoring: Monitors unusual access patterns and sets policies accordingly
  • Governance: Reports on data access to ensure compliance
  • Encryption: Protects data with strong encryption capabilities

Ancillary Benefits

  • Policy Enforcement: Establishes policies for data loss prevention, such as controlling uploads to personal cloud resources
  • Compliance Reporting: Generates required compliance reports

Next Steps

  • Contact Information: Provided in the video description
  • Call to Action: Like, subscribe for more content

Thank you!