It’s clear that where we work and how we collaborate with colleagues have changed dramatically. In a relatively short period of time, many of us have joined the hybrid workforce; employees work where we feel most productive — home offices, branch offices, corporate offices and all points in between.
A location change will also change how we collaborate with our colleagues. In addition to an explosively growing number of Software-as-a-Service (SaaS) apps, this trend has also introduced a new slate of cloud-based collaboration tools to our daily work life. In particular, today we are increasingly dependent on collaboration apps, like Slack, Microsoft Teams or Zoom, to keep connected with colleagues anywhere and everywhere, all day, every day.
These new collaboration tools have ushered in new communication styles with employees using shorter, more frequent messages. These messages consist of multiple posts among two or more users, and share pictures or screenshots instead of traditional documents to quickly convey ideas and information.
When it came to securing cloud-based applications and the sensitive data that flows through them, security teams typically turned to cloud access security brokers (CASBs) to keep their users and data secure. Bad news, though: current CASB solutions can’t keep up with the explosion of modern apps, nor the changes in how we collaborate and share information.
Today’s CASB Falls Short
Confidential information is more unstructured than ever and increasingly difficult to protect with today’s CASB solutions. This makes data breach prevention, compliance and data privacy very difficult tasks for any organization. At the same time, SaaS-based threats are increasing in volume and sophistication, leveraging advanced techniques to target sensitive data and users. As enterprises increase SaaS and collaboration application adoption, security teams are struggling to prevent data breaches while effectively enabling their entire hybrid workforces.
Current generation CASB solutions only partially address today’s business needs, leaving organizations exposed and vulnerable due to several critical limitations:
- Cannot Protect Today’s Most Critical Apps: Legacy CASB solutions focus only on apps accessible via HTTP/S, missing the non-SaaS and non-web apps that account for over half of all enterprise traffic. They rely on static databases and support requests for app discovery, hindering their ability to identify or contain new SaaS apps before they are a risk. What’s more, they lack APIs to secure modern collaboration applications heavily utilized by hybrid workforces.
- Inaccurate Data Protection: Standalone data protection offered in traditional CASB uses inaccurate pattern-based detection that requires a massive amount of manual tuning, limiting its ability to keep pace with the volume and sprawl of sensitive data as well as adapting for the needs of modern collaboration apps. They also only protect data that goes through a proxy and via just a few APIs, relying on separate data loss prevention tools and policies for all other areas of the enterprise including on-premises networks.
- Compliance Before Security: For these current generation CASBs, security has always been just a checkbox feature, offering limited visibility into high-priority threats, as well as poor protections from unknown malware and attacks. Relying on ineffective 3rd party sandboxing across HTTP/s traffic as their only method of threat detection, these solutions provide only minimal coverage across the attack-chain. This leaves customers on their own to identify new, unknown, and high-priority threats.
Contain the SaaS Explosion with Next Generation CASB Delivered on Prisma Access 3.0
Palo Alto Networks is once again elevating the state of cloud-delivered security with the industry’s only next generation CASB, available on Prisma Access 3.0, the industry’s most complete cloud-delivered security platform. Prisma Access is the only solution that protects all app traffic with best-in-class security while delivering an exceptional user experience. The new next generation CASB helps today’s businesses automatically keep pace with the SaaS explosion with proactive visibility, real-time data protection and comprehensive zero-day protections.
This reimagined SASE-native CASB solution enables organizations to safely control thousands of SaaS and collaboration applications:
- See and secure all applications automatically, including the industry's largest number of sanctioned and collaboration apps, powered by ML to stay ahead of the app explosion.
- Accurately protect sensitive data in real-time with the industry’s most comprehensive cloud-delivered enterprise DLP, powered by ML.
- Stop known, unknown, and zero-day threats by leveraging our global network of 80K customers with millions of sensors across SaaS, IaaS, Endpoint, Network and world-leading Unit 42 research.
Palo Alto Networks is focused on leading the transition to cloud-delivered security. We’ve purpose-built Prisma Access to solve the limitations of alternative approaches and current generation solutions, providing access to and security for all apps, so organizations can safely enable secure hybrid workforces. With the introduction of next generation CASB in Prisma Access 3.0, we now extend those industry-leading capabilities to help organizations monitor SaaS usage, protect their sensitive data, and prevent SaaS application risks.
True SASE-Native CASB
SASE must converge best-of-breed security and SD-WAN capabilities in the cloud to deliver exceptional user experiences while reducing security risks.
Prisma SASE, the industry’s most complete SASE solution, converges network security, SD-WAN, and Autonomous Digital Experience Management into a single cloud-delivered service, without compromises. It consolidates multiple point products, including SD-WAN, ZTNA, Cloud SWG, FWaaS, and the industry’s only next generation CASB, into a single, fully integrated service that reduces network and security complexity while increasing organizational agility.
Join us at the Ignite ‘21 session, "Contain the SaaS Explosion with Prisma Access Next Generation CASB," to learn more on how we are once again changing the game in cloud-delivered security with the new next generation CASB in Prisma Access 3.0.