Cloud Access Security Broker Initiated Data Classification Discovery
Cloud Access Security Broker has integration with Data Loss Prevention (DLP) and its policy engine, it will utilize this integration to action at rest files and documents scanned and classified. If a document is classified at a certain level, the CASB will respond appropriately.
Data at rest will be classified based on content and identity by the data classification application and securely protected via the Cloud Access Security Broker (CASB) inspecting content for appropriate use. If the content is sensitive, the CASB will respond according to policy.
– Click for larger image –
- At rest data has been successfully classified.
- CASB engine successfully detects sensitive data markings as appropriate based on their risk level.
- Sensitive documents are encrypted.
IDSA Security Controls
Controlling data encryption via security policy enforcement and/or risk posture.