Cloud Access Security Broker [CASB] Cloud Data Protection Gateway [CDPG]

Forrester has a much higher implementation efficiency for cloud data protection than for Information Rights Management (IRM) for example. In our opinion, there is much to suggest that the company has also discovered the diverse potential behind this approach.

Protecting the data in "the cloud " is just the tip of the iceberg. With the same principles test data can be produced, legacy solutions can be backed up cost-effectively and new compliance regulations can be implemented efficiently.

A technology with such a wide range of applications is much cheaper than for example the relatively focused IRM.

When are you ready to explore the new possibilities?

The SaaS-controlled approach is typically implemented by CASB (Cloud Access Security Broker) products, while the Owner-controlled approach is the domain of CDPG (Cloud Data Protection Gateway) products.


Our CASB (Cloud Access Security Broker) and CDPG (Cloud Data Protection Gateway) provide specialized functionality for today's cloud challenges.

While most cloud solutions have good approaches to availability and integrity, the aspects of confidentiality and privacy are often in the array.

In addition to the "usual " CASB tasks, Centraya is particularly well suited for the CDPG challenges:

 1. Shadow IT Detection and User Behaviour Analysis (UEBA)                                                                                                             The primary theme of today's CASB solutions brings transparency to employees use of the cloud.                                       Good integration  with a DLP solution helps to bind the use to concrete crown jewels.

2. Access brokerage                                                                                                                                                                                      Authorization in the age of the cloud ensures that the use of cloud solutions is compliant with the                                        company's understanding of roles.

3. Encryption                                                                                                                                                                                                 Encryption and tokenization of files and fields. At this stage we see the separation between                                                   CASB (file encryption) and CDPG (File/Field encryption/tokenization)

4. Multi Cloud Process Support                                                                                                                                                                  Based on our "2o2o/3o " cloud hypothesis, process support between multiple cloud solution becomes a key need

5. On Prem Support                                                                                                                                                                                      The CDPG and CASB technology can also deliver valuable new approaches within the company

Other use cases with current backgrounds:

Data anonymization                                                                                                                                                                                  Turn productive data into anonymized, context-preserved test data through format-preserving encryption and tokenization. It has never been easier to generate secure test data.

Right to be forgotten                                                                                                                                                                               GDPR defines the right to be forgotten. In the overall context, data in archives, backups, databases, files, etc. must be tracked and deleted-or replaced by obfuscated values. A solution that brings many synergies to general data protection and privacy.

Legacy Protection                                                                                                                                                                                  Increasing data protection in existing applications is, if at all possible, very expensive. Centraya offers a low-cost, minimally invasive option here.

Aren't your challenges included? Contact us - we can certainly find a solution!

Where does the journey go with the "Cloud "-our 2o2o/3o hypothesis in 3 acts

  1. The triumph of the cloud is unstoppable. It is even likely to be available to fewer and fewer applications "on-prem." New functionalities are already being provided in cloud offering. The business case of the manufacturers is much better for the cloud than on-prem.
  2. In 5-10 years most of the functionalities will come from the cloud. In the cloud, networks and devices are not under the control of the end customer. Data protection focuses on encryption.
  3. With more and more functional elements in the cloud the entire processes will also move to the cloud.

If we look at the last few years and the decision-making criteria for strategic development, we see few alternatives to this realistic hypothesis. Customers who want to adapt to this have two options in principle:

Giving up control sovereignty over your own data

A creeping but continuous process, which is very difficult to undo. The consequences regarding privacy etc. are also unclear. In the worst case however, it remains responsible for privacy violations, but at the same time they have no means of control.

In this approach, data protection is primarily delegated to the providers of functionality.

Defending control sovereignty over its own data

A somewhat more rocky but alternative path, control sovereignty is also to be secured in the medium and long term. Connects the protection mechanisms:

  • Including (DLP, CASB-I/II)
  • Encrypts (CASB-III, CDPG-IIIIV/V)
  • Usage restriction (DLP, CASB-II, CDPG-IIIIV/V)