Forcepoint CASB (Cloud Access Security Broker)

Forcepoint CASB provides visibility and control over sanctioned and unsanctioned cloud apps to enable their safe and productive use.

Discover Shadow IT & Risk

Unsanctioned adoption of cloud apps is a top cloud security concern for enterprises. Forcepoint CASB’s secure and non-intrusive approach to cloud app discovery and risk scoring ensures that IT can eliminate blind spots by uncovering what cloud apps are used by employees and their risk profiles.

Prevent Leaks of Sensitive Data

Inspect files and cloud content in real-time to prevent the malicious or unintentional leakage of confidential information. Identify and analyze sensitive or regulated data stored in cloud file-sync services to understand sharing permissions exposure and ensure compliance with regulations such as PCI, SOX, and HIPAA.

Control BYOD Access

Minimize the risk of data proliferation to unmanaged or untrusted devices by enforcing device-based access rules. Prevent the downloading or syncing of data to unmanaged devices while allowing online access only to cloud data.

Detect & Block Cyber Attacks

Forcepoint CASB monitors all user activity and analyzes usage patterns to rapidly detect anomalies that can indicate an account takeover. The dashboard provides a wealth of cloud analytics, highlighting suspicious activities and attempts to compromise accounts.

Identify Security Gaps

Forcepoint CASB uses cloud APIs to analyze your cloud tenants, helping IT review users and admins to detect dormant accounts, external users, and ex-employees that might still have access to your cloud apps. In addition, Forcepoint CASB inspects your tenant security configurations to detect deficiencies and to recommend best-practice settings for effective cloud governance.

Optimize Detection of Anomalies and Threats

Forcepoint CASB is the only cloud access security broker out there that protects enterprise data from theft and loss due to compromised, malicious, and careless users and that correlates activity anomalies with risky IP addresses.

Cloud Governance

Cloud App Discovery

Uncovers cloud apps – sanctioned and unsanctioned – by inspecting data in user access logs across the enterprise. Also, Forcepoint CASB provides a searchable Cloud App Directory where customers can view details, including customized risk factors, for each cloud app discovered.

Cloud App Risk Scoring

Harness the ability to categorize and prioritize each cloud app as high, medium, or low risk. Application risk scoring and weighting are based on several categories (Compliance, Security Settings, General Info, Data Leakage, Data Ownership, Account Termination Policy and Auditing), the consolidated results of which can help you prioritize your risk mitigation “to do” list.

Detection of Compliance Gaps

Gain visibility into cloud app security settings and get notified when SaaS admins make critical configuration changes. Forcepoint CASB compares these settings against a set of industry best practices or compliance standards (e.g., HIPAA, PCI DSS, ISO, CSA) and highlights deficiencies that require immediate attention.

Data Governance

Scan corporate files and data stored in file-sharing services such as OneDrive, Box, Dropbox and Google Drive. See which ones are sensitive or contain regulated data so that you can initiate a remediation workflow, if necessary (e.g., alert) to meet your compliance requirements.

Cloud App Metrics

Automate the process of determining what cloud apps users are accessing and details the number of users, activity level, traffic volume and usage hours for each app.

Identification of Overspend

Review the entitlements of your users. You could be overlooking potential areas of risk or possibly some cost savings opportunities.

Audit & Protection

Enforce BYOD Access Rules to Prevent Data Proliferation

Prevent data proliferation to unmanaged devices through auto-sync clients such as Outlook, OneDrive for Business and Box Sync. Forcepoint CASB distinguishes between managed and unmanaged devices so you can create granular device-based access rules to stop data proliferation.

Prevent Data Leakage

Forcepoint CASB inspects content in real-time, scanning for keywords, phrases, regular expressions, and several other parameters, to ensure compliance with regulations such as PCI DSS, HIPAA, HITECH, GLBA and SOX by applying comprehensive data leak prevention (DLP) capabilities. Forcepoint CASB also includes an ICAP interface to integrate with 3rd-party DLP solutions.

Identify Access Anomalies and Threats

Forcepoint CASB strengthens cloud security by detecting access anomalies and issues that may indicate an external or insider threat targeting your data.

Monitor User & Admin Activity

Create a clear and accurate picture of user activity attributes, including user ID, department, location, time, device, application actions and data objects accessed. Track, monitor, and report all administrative and privileged user activity, including data accesses, configuration changes and user permission modifications.

Case Studies