In recent discussions, I’ve had with industry peers concerning cloud adoption, one thing stood out clearly: we have a namedrop problem in cloud app security. Everyone says they can help you with securing Office 365, Salesforce, Dropbox—the list goes on. But once you peel back the onion a little further, every enterprise has at least a few lesser-known or custom cloud apps. These need visibility and governance—in some cases, even more than those big name apps.
Challenges in the cloud
APIs have become the darling for supporting cloud access and governance, but they also pose a challenge when it comes to less popular or custom apps, as many of them do not have APIs to begin with. This leaves us with only one option—inline or proxy—if we want to be on top of all the apps in our cloud environment.
Many times, security teams are the last to learn about a new app being used in the environment. Business benefits and staying competitive in the marketplace drive the use of productivity-driven apps. As information security practitioners, we don’t necessarily want to stop the use of new apps, but we do have to make sure we keep the risk of shadow IT to a minimum.
If these apps are not sanctioned by IT, realistically, we have two options: to stop the use of a new app until it is formally sanctioned by IT or to allow their use while working to support it as quickly as possible. Neither of these options is great, especially if you talk about adding weeks or months of time to support. This makes it critical for any cloud security solution to support new or custom apps quickly.
Secure any app with Forcepoint CASB
At Forcepoint, we constantly think about all the possible scenarios and provide best-in-breed security solutions for our customers. Our CASB solution is architected support new and custom apps in a matter of a few hours or days. This makes Forcepoint CASB able to support any app—a much different story from the other solutions in the market.
This article was originally published here.