How to Use a CASB to Secure Remote and Other Operations

How Agencies Gain Visibility with CASBs

CASBs serve as an additional security layer between cloud service providers and end users.

The solutions can provide greater visibility into cloud application use, potentially helping agencies track user behavior, authenticate users, enforce policies surrounding sensitive information storage and sharing, and meet various compliance requirements.

CASBs may help an agency determine, for instance, that an employee has downloaded a nonsanctioned and possibly problematic application. They can also enhance overall data protection efforts through methods like encryption.

Federal agencies began using CASBs more frequently about three or four years ago, according to Andras Cser, vice president and principal analyst for security and risk management at Forrester.

The CASB offered by Skyhigh Networks (later acquired by McAfee), for instance, received FedRAMP certification for meeting the program’s security requirements in mid-2016.

“Data protection was the main driver for CASB adoption, along with FedRAMP,” Cser says. “The advantages include shadow IT detection, data leak prevention and threat detection through scrutinizing unusual traffic patterns, and malware detection. CASBs help prevent confidential data loss in cloud apps.”

Today, a number of agencies — including the National Oceanic and Atmospheric Administration, the Food and Drug Administration and the departments of Transportation and Energy — utilize CASB tools such as McAfee’s MVISION Cloud or Cisco’s Cloudlock.

EXPLORE: How can security keep up with multicloud environments? 

FDA Uses Its CASB for Cloud Security

Given that the FDA works to ensure the safety and quality of products that range from medical devices to much of the food supply — which, according to the agency, accounts for roughly 20 cents of every dollar Americans spend each year — data housed within the agency’s information systems could clearly be an enticing target.

Hackers have targeted the agency before. In 2013, an FDA electronic submissions gateway was reportedly breached by an unauthorized user, according to a Government Accountability Office report.

The FDA’s CASB solution, implemented in 2017, provides near real-time situational awareness and visibility into cloud activity and assists the agency in enforcing security controls, helping ensure the confidentiality, integrity and availability of industry and public health information, according to FDA spokesperson Courtney Rhodes.

“The agency recognizes the risks associated with operating a global IT enterprise in support of our public health mission, particularly during this critical time,” Rhodes says.

“Our CASB solution has been integral to our defense-in-depth strategy by enhancing our data loss prevention capabilities and cyberdefenses in addressing the evolving threat landscape.”

MORE FROM FEDTECH: Find out how to effectively plan for a hybrid cloud environment.

NASA Uses a CASB to Track Increase in Cloud Usage

Anticipating that vendors’ software delivery model would be transitioning to applications that were situated in the cloud, NASA also began using a CASB solution, the Skyhigh product now owned by McAfee, in fall 2017, according to Raymond O’Brien, service manager for NASA.

“We knew the NASA workforce would want to use that cloud delivery model and wanted to get ahead by ensuring we had visibility,” O’Brien says. “The ability to see what’s being used by the entire workforce, which may not be evident because it’s intermingled with other internet traffic, lets us get a better view of just the cloud applications.”

The solution’s graphing capabilities allow the agency to track how cloud ­service use has increased over periods of time, according to Mary Jo Alfano, cloud analyst at NASA. Coupled with indicators of high-risk services, that helps the agency determine where to focus its attention.

“That’s probably the biggest way we use graphs — to keep an eye on and adjust the planned approach to a particular application, based on an overall trend analysis,” Alfano says. “The graphing feature also helps with keeping an eye on the data that feeds into the tool itself.

“On a Friday, for example, if some area of the network that’s been receiving a consistent amount of traffic receives none at all, we know one of our data feeds has dropped and we need to make a phone call.”

Cloud-based solutions have become a popular implementation; in addition to helping facilitate employees’ desire or need for remote access, they can relieve the operational burden on-premises solution maintenance may present.

LEARN MORE: How can CASBs and behavioral analysis boost security? 

The CASB Model Is Here to Stay

As O’Brien points out, having to support software that’s shipped to customers who may run it on multiple operating systems (and use different versions and releases) involves an expense. 

As a result, the cloud-based Software as a Service model — and CASBs, which, he says, offer an unparalleled view of application activity — are more than likely here to stay. Currently, the CASB market is experiencing 5 to 8 percent annual growth, according to Cser.

“There was a time when there were just a few vendors; now, I’m not sure you can be a security solution vendor and not have a CASB tool,” O’Brien says. “CASB solutions have really taken off because the workforce wants to use cloud services.

“However, enterprises still have to deal with security, intellectual property protection, and sensitive data and confidentiality requirements; that’s why CASB growth is exploding.