cloud access security broker (CASB)

A Cloud Access Security Broker (CASB) is a control entity that resides between a company's employees and cloud services and SaaS applications. Such a CASB broker can be installed in the direct environment of the enterprise or as a cloud-based gateway or proxy through which enterprise traffic must pass.

The CASB broker can therefore view traffic to and from cloud services and SaaS services, detect threats, prevent data leaks, apply the appropriate policies and sanction the offenses.

CASB brokers can detect, identify and eliminate risky users and dangerous applications with the cloud services. For example, intentional threats from a company's own employees or conflicted parties. These can be attacks by means of phishing, password tapping or malware.

Furthermore, it is about the protection of the policies to be implemented, the continuous monitoring and recording of the policies for compliance, the data encryption on the connection to the SaaS provider, via which the confidentiality of the data is ensured, the prevention of data loss and various other security criteria.