Security Control - Data Protection via Data Security Policies
Description Web application and data access is secured utilizing Cloud Access Security Broker (CASB) or Data Access Governance (DAG) enforcement policies
Components and Required Capabilities

 Access Management

  • Must have the ability to  to work with CASB and send authentication for reverse proxy

Cloud Access Security Broker 

  • Must have the ability to work with access management to provide access to web-based applications
  • Must have the ability to detect policy violations and terminate access

Data Access Governance

  • Must have the ability to consume file and event data to determine policy violations
  • Must have the ability to notify manager of policy violations
  • Must have the ability to notify identity governance to execute attestation campaign
Interaction Diagram