How to Make the Most of Symantec CloudSOC CASB

This blog is the first in a series of articles intended to help customers implement an effective SaaS app security initiative using Symantec’s CASB solution. We have worked directly with many customers struggling  to address SaaS app security challenges and having observed many different approaches.  This series of blogs will share what has worked and what obstacles were overcome along the way. 

Start setting your goals to operate a gold standard CASB

Things can go wrong from the very beginning when customers don’t set goals. And  experience tells us that before a customer can be successful, they need to establish goals.  But it’s not just goals, they also need to set priorities on what they want to accomplish, in what order, review what workload their security team can handle, understand how they will expand their initiative over time while increasing efficiency of the processes they have established. 

While the concept of security being a process rather than a state is pretty much cliché in today’s cybersecurity communities, we still recommend a systematic approach to deploying and operationalizing a CASB solution.  Setting reasonable expectations and feasible milestones rather than starting with a boil the ocean directive is critical to success and to avoiding apathy on the importance of securing SaaS applications and protecting sensitive data.

Fitting CASB to Your Business 

No two organizations are alike, each with different starting points, SaaS app adoption maturity, heterogeneous technologies, different priorities, varying resources, etc. As a result, CASB solutions are really a collection of multiple security solutions on a single platform and are, by nature, adaptable since every customer will have a unique set of needs and priorities.

The three areas to set goals in any CASB rollout are ShadowIT, data at rest (DAR) and data in motion (DIM).  For each of these areas it makes sense to  start small and build based on the level of effort and visibility gained. Under each of these goals will be sub considerations that may included 

1. Understanding data flow and data involved - sensitivity of content, how it is shared
2. The volume of data - how much data, adoption by number of users
3. Understanding the potential risks
4. Policy enforcement
5. Effectiveness and health of the security initiatives

As your implementation takes shape it's valuable to then move the conversation to the use of CASB as a stepping stone to SASE and Zero Trust.

There are of course other considerations but these are the most common we have seen.

How that is solved with Symantec CloudSOC CASB

Symantec CloudSOC CASB is a comprehensive solution containing multiple capabilities for securing SaaS/IaaS applications and solving key customer use cases. Over the next few weeks, we’ll go into more detail on each of these:

• Visibility & Compliance - Visibility into Shadow IT and understanding the risks involved with unchecked adoption of unsanctioned applications. Customers gain an understanding of what SaaS apps are in use, how many users are using them, data flow direction and volume. Many other risk attributes such as types of SaaS apps being used and their hosting locations can also be discovered.
• Data Protection - Accurately monitor and protect your sensitive data stored in the cloud and secure it from accidental loss or insider theft.
• Threat Protection - Defend against a host of cloud threats and malware and ensure employees are not introducing or propagating them through cloud services.
• UEBA - Correlates key information (violations, users, accounts, and assets) to assign risk scores to users and incidents via CloudSOC’s UEBA and machine learning capabilities一allowing adaptive policy actions.

What next?

In this upcoming blog series we will discuss what a healthy gold standard deployment may incorporate and how to review a CASB implementation months after deployment.  

If you have any questions or interest in Symantec CASB (aka CloudSOC) and how it can help you in securing your SaaS/IaaS applications please contact your Broadcom sales team or reach out via contact information on our website.

*We are senior cybersecurity consultants specializing in securing SaaS/IaaS applications with our Cloud Access Security Broker (aka CASB) solution with over a decade of hands-on experience.