Security Control:
Data Protection via Data Security Policies

Web application and data access is secured utilizing Cloud Access Security Broker (CASB) or Data Access Governance (DAG) enforcement policies.

Components and Required Capabilities

Data Access Governance

  • Must have the ability to consume file and event data to determine policy violations
  • Must have the ability to notify manager of policy violations
  • Must have the ability to notify identity governance to execute attestation campaign

Supporting IDSA Members (analyst reference, where available):

SailPoint.
STEALTHbits.
Varonis.

CASB

  • Must have the ability to work with access management to provide access to web-based applications
  • Must have the ability to detect policy violations and terminate access

Supporting IDSA Members (analyst reference, where available):

Interaction Diagram

Data Protection via Data Security Policies

– Click for larger image –