Given the increase in remote work and shadow IT usage, perhaps it shouldn’t be surprising that the cloud access security broker (CASB) market is exploding. Valued at $8.74 billion in 2020, the CASB market is projected to reach $32.9 billion by 2028—a projected compound annual growth rate of roughly 18% from 2021 to 2028.

What are CASBs?

According to Gartner, which coined the term in 2011, “CASBs are on-premises, or cloud-based security policy enforcement points, placed between cloud service consumers and cloud service providers to combine and interject enterprise security policies as the cloud-based resources are accessed.” Phrased more simply, CASBs are tools that identify what data are stored in which applications, and importantly, who has access to it.

Monitoring user activity and analyzing cloud data

Through the use of a CASB, IT personnel can not only discover shadow applications and monitor user web requests, but they can also observe all files shared across a given network. For example, through the use of deep packet analysis, administrators can analyze all HTTP and HTTPS data in transit.

Unfortunately, the use of unsanctioned SaaS applications is extremely prevalent in the hybrid work landscape, which makes it so important that IT personnel are able to effectively monitor these apps. With CASBs, IT teams can block risky web applications and identify potentially malicious activity.

Identifying security risks and implementing controls

CASBs work to detect unauthorized user activity, malware attacks, and other potential cloud security security, cloud. Through timely threat identification and incident responses, IT personnel can use CASBs to prevent data leaks. As an example, if an employee innocuously downloads a malware-infected font typography application, an IT admin will be able to identify this security risk through the use of a CASB.

In addition to monitoring user activity and preventing data leaks, CASBs can enforce cloud security policies; this includes blocking file uploads to risky internet applications, and preventing unauthorized data from being transmitted over the network.

CASBs are a great defense against shadow IT 

With CASBs, in a single console, IT administrators can identify the users who are committing risky behavior. When the CASB is used in conjunction with an effective SIEM tool, it can identify malicious activity both on-premises and in the cloud. Also, CASBs can make correlations between events in different parts of a network, helping IT personnel to identify increasingly sophisticated cyberattacks. 

Lastly, seeing as governing bodies are frequently passing data security legislation, CASBs’ ability to facilitate security policy compliance can not be understated. It’s no wonder the CASB market is growing so rapidly.

 Rajesh Ganesan is vice president of product at ManageEngine, a division of Zoho Corporation