CASB Provides In-App Controls for Granular Access Decisions

The iboss Cloud Platform delivers the CASB capabilities and features you need to reduce risk while users access cloud applications

The ability to apply fine grained controls and gain visibility into cloud application use is critical with the move of applications to the cloud. The iboss Cloud Platform is the gateway to the cloud giving it the ability to control cloud applications and provide visibility into cloud application use. Cloud application controls are extensive and rangefrom Facebook to Google to Microsoft. This includes making Facebook read-only, ensuring access to Google Drive is corporate only and leveraging Microsoft365 Tenant restrictions.

Control cloud applications such as Facebook, LinkedIn and Twitter to ensure compliance

The iboss Platform includes extensive cloud application controls spanning applications such as Spotify, Pinterest, Facebook, Twitter, LinkedIn, and commonly used  Search Engines. The policies can be applied on a per user or per group basis to prevent actions such as posting sensitive information to social media sites which violate PCI and HIPAA compliance. In addition, visibility into applications is provided in detailed real-time dashboards and drill down reports. Since the iboss Platform lives in the cloud, control and visibility is applied to all users regardless of location.

Extensive Google application controls including YouTube and Google Drive

Application controls span the suite of Google Apps, including Google Drive. This includes enforcing Safe Search on Google to reduce liability and ensure compliance as well as controls across the vast suite of Google Applications. Applications include Google Cloud Print, Google Trends, Google Research, Google Wallet, Google Maps, Google Translation, Shopping, Google Groups, Google Play, Google Video, Google Sites, Gmail, and Google Earth. In addition, Gmail, Google Drive, Google Docs, Google Plus, Google Groups and Google Sites can be restricted to only company use by restricting access to the registered G-Suite company domain.

Gen-3 CASB Protection Prevents Data Loss from Shadow IT

The iboss cloud provides the most powerful Gen-3 CASB on the market, ensuring data transfers from devices are controlled and remain within corporate owned cloud accounts. For example, if a user is accessing Microsoft 365 from the office or at home, data transfers from the device are forced into the corporate owned Microsoft 365 account. For Google services, such as Google Drive, file uploads can be forced to the organization’s Google Drive account instead of a personal use Google Drive account. Slack can also be controlled so that the use of messaging remains within the corporate Slack account. Gen-3 CASB prevents data loss and shadow IT by controlling the network data from the device to destinations in the cloud. Gen-3 CASB protects what legacy CASB technology misses by ensuring all corporate data transfers stay in corporate owned cloud accounts.

The iboss cloud platform provides full visibility into cloud application use and access across all users and devices

Whether a user is in the office or working from home, they are always connected through the iboss cloud platform. This ensures full visibility into cloud application use, including access and data transfers. The CASB dashboards are easy to use and provide top cloud applications, top CASB categories, and top cloud application users. Details for cloud application use are broken down to the user detail to determine high risk user activities and cloud application use. CASB PDF reports can be generated using built-in templates. And best of all, CASB delivered by iboss cloud can be setup in minutes as devices are connected to iboss cloud providing the visibility and control needed to make Gen-3 CASB possible.

Out-of-Band CASB Protection (API CASB)

The iboss Cloud Platform offers CASB via APIs from cloud solution vendors including Box, Dropbox, Google, Salesforce, and Microsoft 365. The integration with Box, Dropbox, Google, Salesforce, and Microsoft 365 enables the iboss Platform to gain visibility into data at rest for each of the cloud services. Leveraging the APIs provided by each cloud solution, the iboss Platform performs malware and DLP analysis on the content stored in those cloud applications. If any DLP violations are discovered or any files stored within the cloud service contain malware, the files will be flagged so any violations or threats can be remediated quickly.

Native Microsoft integration with Microsoft Defender for Cloud Apps

The iboss cloud is natively and extensively integrated with Microsoft. This includes integrations across Microsoft 365, Microsoft Azure, and Microsoft Defender for Cloud Apps CASB. The Microsoft 365 integration ensures fast and uninterrupted connections to Microsoft while Microsoft 365 Tenant restrictions ensures appropriate access to Microsoft 365 domains. The Microsoft 365 Tenant restriction can be applied on a per-group basis.

In addition, Microsoft Defender for Cloud Apps integration extends the extensive application controls and visibility provided within the iboss Cloud Platform to seamlessly include all the CASB controls within Microsoft Defender for Cloud Apps. Enabling Microsoft Defender for Cloud Apps couldn’t be easier and only requires enabling the feature and leveraging an existing Microsoft Defender for Cloud Apps subscription.

Learn More About Microsoft CAS Integration

The rest is handled by the iboss cloud including sending the necessary user data to Microsoft for processing. In addition, any application sanctioned within the Microsoft Defender for Cloud Apps Platform synchronize automatically with the iboss Platform which ensures shadow IT and unsanctioned applications are controlled for users wherever they roam.