Proofpoint was recognized in Gartner’s Magic Quadrant for Cloud Access Security Brokers for the third year running. Gartner named Proofpoint a Challenger in its report based on our ability to execute and completeness of vision.
In this year’s report, we believe, Gartner recognizes our people-centric approach to cloud threat protection and data security. Proofpoint Cloud App Security Broker (Proofpoint CASB) also integrates with Proofpoint email security, remote browser isolation , ZTNA and DLP products to enable adaptive access controls. Proofpoint bundles of these products may be attractive to customers, particularly those with a large remote workforce.
Let’s take a closer look at the advantages Proofpoint’s solution provide.
People-centric Cloud Security
With the shift to work from home (or anywhere) and increased adoption of cloud applications, it is more apparent than ever that people are the new security perimeter. This is why Proofpoint has adopted a people-centric approach to cloud security.
Proofpoint CASB factors in content inspection (sensitive and regulated data), user behavior and context (user device, location, etc.) and user-specific threat intelligence in our risk assessment of cloud activities as well as design of adaptive access controls. For example, our email security platform sends Very Attacked People (VAP) data to Proofpoint CASB to automate application and data access policies for users who exhibit a high propensity for being attacked. You can also apply policies based on user role and privileges.
Consistent Data Security and Compliance across the Enterprise
Working from anywhere has become a business necessity. Face-to-face interactions in the workplace are rapidly being replaced with cloud-based messaging and real-time collaboration. Users are sharing sensitive data using tools like Microsoft SharePoint Online, Teams, Box and Dropbox as well as email. Attackers are compromising cloud accounts and stealing data from SaaS applications and IaaS services. Misconfiguration of IaaS services such as AWS and Azure brings another set of security and compliance challenges.
Proofpoint CASB helps you identify and protect cloud data that’s at risk because of broad permissions and unauthorized data sharing. We enable data loss prevention (DLP) policies based on user risk for more useful DLP alerts and access-level changes. For example, when CASB detects cloud account compromise, it can alert on and remediate suspicious file activities such as data exfiltration or manipulation. In addition, Proofpoint CASB integrates with our Enterprise DLP solution for consistent policy enforcement across multiple channels. With Proofpoint CASB, you can:
- Deploy consistent DLP as part of Proofpoint Enterprise DLP, a people-centric solution that brings together content, user behavior, and threat telemetry across cloud, email, and endpoint channels
- Simplify day-to-day operations as part of Proofpoint Enterprise DLP and manage incidents in a unified investigations interface that helps you identify and respond quickly to data risks posed by negligent, compromised, and malicious users.
- Shorten time to discover and protect regulated cloud data with out-of-the-box Data Loss Prevention (DLP) policies to stay in compliance with PCI, PII, PHI and GDPR
Proofpoint CASB IaaS Protection also helps you manage your cloud security posture by simplifying multi-cloud and multi-region IaaS security and compliance. Within a single console, you can:
- Discover all approved and unapproved IaaS accounts and resources
- Evaluate your IaaS configurations and settings against four security baselines (CIS Foundations, PCI DSS, ISO 27001, and SOC TSP) and follow best practices for remediating misconfigurations that present a security risk
- Monitor for suspicious logins and admin activity and apply consistent policy enforcement across multiple public cloud providers
Advanced Cloud Threat Protection
Threat actors have followed the enterprise migration to the cloud. Cybercriminals target popular SaaS applications like Microsoft Office 365 and Google G Suite. They use password spray attacks, phishing attacks, and malicious file shares to compromise cloud accounts. Once they take over user accounts, they move laterally inside an organization, steal data, or communicate with your business partners or customers to request fraudulent wire transfers.
Proofpoint CASB provides people-centric threat protection and adaptive access controls. Our analyst team researches cloud-specific and cloud-native attacks. We detect cloud account compromise and automate response with contextual and actionable alerts. Proofpoint CASB uses our own anti-malware and sandboxing tools for malware protection. Our customers can leverage several CASB integrations with Proofpoint products to minimize their users’ exposure to cloud threats:
- Proofpoint Targeted Attack Protection (TAP) sends user risk intel to CASB and enables you to apply VAP-specific access and threat protection policies.
- Email and cloud threat correlations between TAP and CASB help you connect phishing attacks to cloud account compromise, determine source of attack and take appropriate action.
- Integration with Proofpoint Threat Response enables you to automatically orchestrate security response (e.g. suspend user, change password) between CASB and Microsoft Active Directory on-premises.
- CASB integrations with Proofpoint’s isolation and ZTNA products, give you broad set of access controls for your cloud apps. You can require VPN, grant users read-only access or apply DLP policies to uploads and downloads based on device/network/user risk to enable secure access for your remote workforce and protect sensitive data.
Superior Economic Value and Time to Value
Proofpoint CASB offers our customers advantages that go beyond product functionality:
- Our customers achieve actionable results in less than 4 weeks without the need for additional staff
- Our product structure is simpler. We offer one user-based license for all SaaS apps and other one for all IaaS services.
- Attractive bundles enable you to take advantage of integrations with email security, DLP, security orchestration, remote browser isolation and ZTNA products for holistic threat and information protection across the enterprise.
- Proofpoint Implementation and Consultative Services help you get the full value of your Proofpoint solutions—and get it faster.
Proofpoint CASB extends our expertise in people-centric security to cloud apps and services. CASB integrations with other Proofpoint technologies and our flexible bundles offer cost and operational efficiencies as well as the opportunity for vendor consolidation. We recommend you use the 2020 Gartner Magic Quadrant for Cloud Access Security Brokers to gain insight into the capabilities that make Proofpoint distinctive in the CASB market.
To learn about CASB market trends and what’s distinctive about Proofpoint CASB, download the 2020 Gartner Magic Quadrant report.