SASE vendor Cato Networks is adding fine-grained cloud access security broker (CASB) controls to its platforms.
When employees working from home or branch locations log into SaaS services such as Office 365 or Dropbox or Salesforce, a CASB gateway can track the applications employees access, where they log in from, and sometimes even what they do when using those applications.
Previously, Cato only offered limited CASB controls, enabling companies to allow or prohibit the use of particular SaaS tools, says Dave Greenfield, Cato’s director of technology evangelism. Now, individual behaviors can be controlled. For example, users might be allowed to download documents from certain cloud file-sharing providers but can only upload documents to a company’s preferred platform.
“You can also take a broader approach and define categories based on security features in those products,” says Evin Safdia, Cato’s director of product marketing. “You can, say, allow file sharing only on platforms that are SOC 2 compliant and have [multi-factor authentication] as a feature,” he says.