65
edits
Changes
Jump to navigation
Jump to search
Line 1:
Line 1: − === On-Premise API to SaaS Reference Model (2021-05-03 DRAFT) ===+
File:On-Premise API to SaaS Reference Model (2021-05-03 DRAFT).jpg (view source)
Revision as of 09:55, 25 May 2021
, 09:55, 25 May 2021no edit summary
== On-Premise API to SaaS Reference Model (2021-05-03 DRAFT) ==
This model depicts Protected B outbound data from on-premise/Data Centre to a SaaS (Software as a Service). As a best practice, it is recommended to secure this flow via API Management (e.g. API Gateway, reverse proxy). SCED (Secure Cloud Enablement Defense) is not required as a security control for this flow.
This model depicts Protected B outbound data from on-premise/Data Centre to a SaaS (Software as a Service). As a best practice, it is recommended to secure this flow via API Management (e.g. API Gateway, reverse proxy). SCED (Secure Cloud Enablement Defense) is not required as a security control for this flow.
The model also depicts that SCED CASB (Cloud Security Access Broker) is required as a security control for GC End Users to access Protected B data in a SaaS (Departmental or GC-wide). A CASB agent needs to be installed on a GC Managed Device to identify the user as a GC End User. This means GC End Users must access Protected B data on a SaaS via a GC Managed Device.
The model also depicts that SCED CASB (Cloud Security Access Broker) is required as a security control for GC End Users to access Protected B data in a SaaS (Departmental or GC-wide). A CASB agent needs to be installed on a GC Managed Device to identify the user as a GC End User. This means GC End Users must access Protected B data on a SaaS via a GC Managed Device.
.jpg){kind=link}
.jpg&action=edit){kind=link}
.jpg&oldid=47915){kind=link}