Data Classification as a Catalyst – Cloud Access Security Broker (CASB)

Employee round-table discussion
Reading Time: 2 minutes

Cloud computing has forever changed the way many companies do business. With rapid implementation, lower initial financial requirements and a platform agnostic, mobile-friendly approach the ubiquity of the internet fosters an always on/anywhere capability never enjoyed before.

More than simply a consideration for forward-thinking organizations, migrating data and computer workloads to the cloud for both existing and new IT initiatives is a crucial  operational move to compete in today’s markets. For a number of reasons, when considering deployment options available today, many organizations have a preferential resource allocation bias towards ‘cloud-first’ or even ‘cloud-only’ models leaving “on-premises” solutions needing justification for data center expansion.

There are implementation, scalability and availability benefits that candidly cannot easily be realized in a traditional data center model without significantly higher overall operating costs. Additionally, the ability to support a workforce that is increasingly mobile and expect anywhere/anytime access on a multitude of form factors makes cloud an obvious first choice. There are however, considerations to be made before enjoying those favorable costs, speed to deploy and seemingly painless provisioning – data governance.

The allure of moving data and workloads to the cloud often occurs without appropriate oversight or organizational approval – regularly leading to poorly understood data management responsibilities and exposure to risks unknown to IT leadership. In many cases, and in an effort to bypass IT bureaucratic hurdles, business units pursuing unsanctioned provisioning of IT services (Shadow IT) fail to take all aspects of data governance into consideration – leaving regulated data residency, encryption and stewardship unaddressed. Eventually those efforts to achieve the perceived cost savings and speed to implementation surface and the need to remediate, where an option, must be pursued.

The risk, cost and lost opportunity in failed migrations to the cloud not only derail corporate initiates, but also undermines the future acceptance of any cloud migration efforts. As the 2017 edition of The Data Economy Report, EVOLUTION discovered “40% of businesses across NAM and APJ have, at some point, moved workloads to a public cloud solution and then needed to return it on premise.” While the promises of cost savings, rapid implementation and elastic provisioning are desirable outcomes, the unexpectedly high rate of failure demands that process rigor and data governance capabilities be brought to bear.

 Rather than a barrier to be overcome, effective CASB implementation can foster and encourage cloud adoption and the benefits that it offers, while affording IT the desired transparency necessary to apply a host of data-centric controls.

With the additional clarity provided by data classification, CASB’s (such as our best-of-breed partner Bitglass’ solution) can efficiently make policy decisions reflecting data governance mandates to block, quarantine, encrypt, track, redact or apply Digital Rights Management (DRM) where necessary with little to no disruption to user workflow when cloud-bound data is within policy.