In our post on using a Cloud Access Security Broker (CASB), we discussed what these tools are used for and how they work. In this post, we’ll explore how to purchase the right product for your particular needs.
A good place to start is to first make an inventory of all the cloud applications your company uses. Don’t be surprised if this inventory uncovers apps that have slipped by your IT department. This process will show you just how prevalent these apps are in the modern enterprise and why you need a CASB to begin with. A popular free tool to consider using is Cofense’s Cloudseeker.
Once you have an idea of the scope and mix of cloud apps your organization uses, you should then narrow your search down to a couple of CASB vendors. You should then request proposals from them for your range of services, the number of endpoints on your network and other relevant specifics about your infrastructure. Most CASB vendors have free service plans with the ability to also discover your cloud portfolio, which you can use to double-check the information gleaned from Cofense’s tool. Most vendors also offer the first month with a limited number of apps or services for free. This will give you an idea of the scale and scope of your exposure and how the tool works within your infrastructure.
As part of your free evaluation period, you might want to pick your most critical apps to pilot a CASB project and run the product through its paces with this smaller set before you widen its scope. This is useful to ensure that you understand what the CASB does and what it doesn’t do, as well as to explore its multi-mode operations if it supports more than one operating mode, forward and reverse proxies and API control. You probably should decide during your evaluation period whether having support for all three is a critical must-have or just nice to have. The pilot and evaluation period will help you explore as many use cases as possible. You should make sure you understand a product’s limitations in each of its three operating modes. Within a single vendor’s product, they do tend to operate slightly differently and that difference can be a deal-breaker as you extend a CASB’s reach across more of your applications infrastructure.
As you move through your evaluation, here’s a checklist of what to consider before you buy a CASB:
Finally, you should calculate the overall costs. Gartner puts the range between $15 per user per year for simple installations of just a few cloud apps to a more robust coverage for multimode unlimited cloud apps at $85 per user per year. Some vendors won’t quote prices until you get to the contract stage, while others are more transparent about their pricing and list them directly on their website.
The links below go to free trial pages or video screencast demos where available.