📖 What is Cloud Access Security Broker (CASB)?
A Cloud Access Security Broker (CASB) is a software tool or service that sits between cloud service consumers and cloud service providers. It enforces security, compliance, and governance policies for data moving to and from the cloud.
"Focus on 'shadow IT'—CASBs are specifically designed to help organizations discover and control unauthorized cloud application usage."
📚 Certification: CompTIA Network+ Certification Exam (N10-009)
🔑 What are the Key Concepts of Cloud Access Security Broker (CASB)?
- Shadow IT Discovery: Identifying unauthorized cloud applications used by employees to prevent data leaks and ensure compliance with corporate security policies.
- Data Loss Prevention (DLP): Monitoring and controlling data transfers to the cloud to ensure sensitive information like PII is not uploaded insecurely.
- Policy Enforcement: Applying consistent security rules, such as multi-factor authentication or access restrictions, across multiple different cloud service providers.
- Visibility and Governance: Providing a centralized dashboard to audit cloud usage, monitor user behavior, and ensure regulatory compliance across hybrid environments.
- Deployment Modes: Implementing via API-based integration for data-at-rest or as a forward/reverse proxy for real-time traffic monitoring and control.
🎯 How does Cloud Access Security Broker (CASB) appear on the N10-009 Exam?
A scenario might describe a company discovering that employees are using unauthorized personal storage accounts to share corporate files; you would identify a CASB as the solution to discover and block this shadow IT.
You may be asked to select the best tool for enforcing a single security policy across multiple third-party SaaS applications to ensure consistent data governance and compliance.
Expect questions where you must distinguish between a traditional firewall and a CASB when the primary goal is monitoring API-level interactions with a cloud provider.
❓ Frequently Asked Questions
How does a CASB differ from a Next-Generation Firewall (NGFW)?
While an NGFW controls traffic at the network layer based on ports and protocols, a CASB operates at the application layer, providing deeper visibility into specific cloud app actions and data movements.
What is the relationship between CASB and Shadow IT?
CASBs are the primary tool for combating shadow IT: they analyze network logs to identify which unauthorized cloud services users are accessing without IT's knowledge.
Does a CASB only work with SaaS applications?
No. While heavily used for SaaS, CASBs also provide security and governance for PaaS and IaaS environments, ensuring that cloud infrastructure configurations meet security standards.