Case study: the implementation of a CASB

Find out how Chérif Hemmet, solution expert, implemented a Cloud Access Security Broker (CASB) for one of our customers.  

This client operates in the tourism sector. It is a company of more than 3.500 employees, of international scope, which accompanies more than one million customers each year. 

This company decided to migrate to the cloud via Office365. They wanted to secure their data and control access to it. They needed a Cloud Access Security Broker, more commonly known as a CASB. A CASB analyzes data flows and scans documents in a cloud, allowing suspicious files and behavior detection. 

As a very mature company on cybersecurity issues, it challenged several vendors on the market who had to demonstrate their solution’s reliability through a proof of concept. It was only once the vendor had been chosen that the company called on our services to deploy it. It is mainly on the technical part that this customer needed our services. 

For a CASB to work at its best, specific prerequisites are necessary. There is no predefined configuration for this type of solution. We are on a tailor-made service, adapted to each customer and each context. To set the CASB parameters, rules must be defined for each target population. It is a matter of determining scenarios to parameterize the software; when a user behaves in a way that is considered suspicious, the CASB must trigger an alert. 

Our client did a valuable and titanic job to configure these rules. He knew exactly what the needs and uses of the employees who would be using the CASB were. This information was used to establish the first rules of the solution. We then tested them on a sample of employees. Once the tests were successful, the CASB was deployed to the entire target population. 

The company chose to raise awareness on a case-by-case basis. The alerts raised by the CASB were used to inform the employees concerned about their errors while giving them the keys to adopting a safer behavior. 

A CASB is not technically challenging to set up if the preparation is well done. Our work was facilitated by the work done upstream by the company. Today, the customer is satisfied and even gives conferences about this operation during private events. 

If we had worked with a less mature customer on cybersecurity issues, we would have had to help them define the use cases and rules to be put in place with the help of the Orange Cyberdefense Consulting and Audit team. 

The customer is now completely autonomous. We are still there for any technical problem or question. This is not yet on the agenda, but perhaps we will accompany them in connecting their CASB to their internal network. This would allow us to bridge the gap between its internal and external data.