Top 3 Data Visualization Capabilities in a CASB Solution

By on Apr 02, 2020

In the most recent Cloud Adoption and Risk Report generated by McAfee, 52% of the companies said they experience ‘better’ security in the cloud.  As enterprises move their most sensitive data assets to the cloud, they are making increased investments in CASB solutions to secure these data assets. Most security solutions generate significant amounts of data and security teams have to parse this data to derive insights and remediation measures quickly. The visualization capabilities of a CASB solution play a key role in better understanding the company’s cloud security posture.

MVISION Cloud customers have given feedback that data visualization within a CASB is critical to support their operations. The challenge presented by customers was that they didn’t have the time to export data to third party tools like excel and manipulate this data to get the required visualization. If these capabilities are provided within the CASB tool, it saves the security teams time and allows them to get deeper insights on their cloud security posture.

With the most recent release of MVISION Cloud, we have provided new and improved visualization capabilities so customers can get the insights they need to make security decisions. These capabilities not only enable them to regularly monitor key metrics, but also share this information and visualizations with other security stakeholders and executives.

  1. Granular Charting Capabilities That Provide Deep Insights

A CASB solution provides several metrics around cloud usage, including number of users, upload data volume, request count, inbound/outbound data, and allowed/denied requests, number of DLP incidents, threats, anomalies etc. By providing the right visualization, customers can more efficiently parse the data, execute any required analyses and take any action to remediate. For example, a security admin may want to understand the top 10 cloud service categories by upload volume.

Visualization of services and risk using multiple dimensions

Once this chart is available, they may want to drill down into how many services in these categories were high, medium, or low risk, helping to narrow down the categories where users are uploading the most data to risky services. Another example could be understanding the number of Office 365 DLP incidents produced by company departments. An admin can drill down further to visualize incident severity for each of these departments. Providing multiple dimensions of visualization is key to analyzing enterprise cloud usage to produce quick insights.

  1. Monitor Metrics using Dashboard Cards

Once a CASB administrator has plotted the desired charts, they will want to monitor these charts on a regular basis. MVISION Cloud enables customers to display their charts on a customizable dashboard so they can check on variations in key metrics. An example of this is a large financial services customer wanting to monitor metrics on IaaS resources on a regular basis. This could include a list of resources across AWS, Azure, and GCP within their company, or a list of top non-compliant resources, or the number of unresolved security configuration incidents.

Dashboard to monitor IaaS Security Metrics
  1. Share Visual Insights with Stakeholders using Reports

Security admins using CASB solutions collaborate with a number of stakeholders including Executive Management, Support, IT and they want to keep them updated on key cloud security metrics. While most solutions allow a periodic export of data in spreadsheets, the capability to export a rich dashboard as a scheduled report makes the information much more consumable. An example is a dashboard representing key Microsoft Office O365 security metrics, such as unresolved incidents by severity.

Report on Office 365 DLP Incidents by Severity

As an increasing number of business functions move to the cloud, customers are now using cloud security solutions to secure all their cloud assets from web traffic, cloud services, IaaS and Container resources. Having the ability to clearly visualize the security metrics and arrive at the required insights and remediation is key to ensuring continued security of enterprise assets in the cloud. While this includes many components and approaches, rich visualization capabilities like those provided by MVISION Cloud are instrumental in getting the most value out of your CASB solution and securing your enterprise cloud assets.

About the Author

Suhaas Kodagali

Suhaas is responsible for delivering products that meet the fast pace of innovation in the cloud security market.

Read more posts from Suhaas Kodagali

Categories: Cloud Security

Subscribe to McAfee Securing Tomorrow Blogs