A security engineer is working to address the growing risks that shadow IT services are introducing to the organization. The organization has taken a cloud-first approach and does not have an on-premises IT infrastructure. Which of the following would best secure the organization?
In an organization with a cloud-first approach and no on-premises IT infrastructure, deploying an appropriate in-line Cloud Access Security Broker (CASB) solution is the best choice for addressing shadow IT risks. A CASB provides critical security functions such as visibility, threat protection, compliance, and data security for cloud services. It enables organizations to monitor and control the use of cloud applications, ensuring that all data and activities comply with security policies and regulations.
always CASB, for anything
CASP is the only answer that makes sense here.
I mean CASB*
B. Deploying an appropriate in-line CASB solution To address the risks associated with shadow IT services in a cloud-first environment, deploying a Cloud Access Security Broker (CASB) solution is a suitable approach. CASB solutions provide visibility and control over the use of cloud services, helping organizations monitor and manage the use of cloud applications to ensure compliance and security.
I see cloud; I choose CASB. No questions asked. its 80% always true when it comes to cloud security questions
It is B, especially if the company wants to move to a cloud forward approach AND there's no IT. CASB (Cloud Access Security Broker) can provide that security and group policy enforcement, making a smooth transition to the cloud process. Also because when in doubt, CASB out because if CASB is in the answer choices, it's most likely gonna be CASB. I haven't been wrong yet.
Shadow IT is the use of IT-related hardware or software by a department or individual without the knowledge of the IT or security group within the organization. e.g Employees using personal cloud storage services (e.g., Dropbox, Google Drive) to store and share work-related files. Or Employees (BYOD) to work and connecting them to the corporate network without IT knowledge etc. While shadow IT can offer agility and flexibility for individual users or departments, it also presents several risks and challenges for organizations, e.g. it may lack adequate security controls, leaving sensitive data vulnerable to breaches or leaks. etc To mitigate the risks, organizations should implement strategies such as establishing clear IT policies, providing alternative approved solutions, conducting employee training on cybersecurity best practices, and deploying technology solutions like Cloud Access Security Brokers (CASBs) to monitor and control cloud usage.
keyword, "cloud-first" in the objective. B. Deploying an appropriate in-line CASB solution