Which tool provides visibility into cloud applications and enforces data security policies?

A Cloud Access Security Broker (CASB) acts as an intermediary between cloud service users and cloud applications, providing essential visibility and security controls. CASBs enable organizations to monitor cloud applications, enforce security policies, and ensure compliance with regulations while users engage with these services. They do this by offering features such as data encryption, identity management, and activity monitoring. This level of visibility is critical for identifying potential security risks and applying appropriate data security policies to protect sensitive information.

The other options listed do not provide the same level of visibility or enforcement of data security policies. Cloud-based data storage merely refers to the storage of data in the cloud without integrating security monitoring. Cloud-based data backup focuses on creating copies of data for recovery purposes but does not enforce security policies. Similarly, cloud-based disaster recovery services are concerned primarily with restoring systems after a failure and do not provide day-to-day visibility or policy enforcement regarding data security in cloud applications. Thus, a CASB is uniquely positioned to address these needs, making it the correct choice.