The cloud security gateway (CSG) market—also known as cloud access security brokers (CASB)—continues to grow in 2017, due to the rapid adoption of enterprise cloud services like Office 365, Box, Salesforce, and Amazon Web Services (AWS). With that in mind, International Data Corporation (IDC), an analyst firm, recently published its first IDC MarketScape report (download a complimentary copy here) on cloud security gateways. The report assesses all major CSG/CASB vendors and is based on a detailed quantitative and qualitative analysis of each vendor’s market share, capabilities, and current and future strategies.
As enterprises lose control over the different architectural components of the cloud, more uncertainty is introduced into the environment…given the robustness of CSG solutions and opportunities associated with aggregating data across multiple apps, CSGs are a fundamental requirement for any organization that leverages multiple public SaaS solutions.
IDC MarketScape: Worldwide Cloud Security Gateways 2017 Vendor Assessment
Pete Lindstrom, Tom Austin, Konstantin Rychkov
IDC MarketScape sees cloud security at a turning point as adoption levels of the cloud in enterprises have rapidly increased over the past few years. According to the report, more and more high-value information is being stored and managed in public Software-as-a-Service (SaaS), Platform-as-a-Service (PaaS) and Infrastructure-as-a-Service (IaaS) environments. The more robust and complex the cloud environment, the more likely a CSG/CASB will be required for efficient and effective security management. In determining the right cloud security solution for your organization, IDC MarketScape offers this pragmatic guidance:
Determine what functional requirements such as data loss protection, user behavior analysis, and malicious threat detection are the most important to your cloud security program.
- Decide if you are looking for a CSG that complements and integrates with your existing security solutions or a pure-play solution focused on the cloud security challenges.
- Determine which architectural elements — proxy gateways, API connectors, and client agents — should be deployed, and decide if they should they be hosted on-premises or in the cloud.
- Understand if your organization needs to incorporate encryption capabilities for structured and unstructured data into its CSG.
- Decide whether your organization is looking to integrate with and rationalize existing security solutions within your security programs.
IDC MarketScape scoring criteria
The IDC MarketScape report analyzes CASB vendors across two primary axes related to their product (strategy and capability) as well as their share of the CASB market. Within the strategy category, IDC MarketScape looks at the following four areas:
- Functionality strategy: an effective product roadmap that’s based on market input
- Delivery: ability to address worldwide cloud security needs
- Financial/funding: sustained growth in revenue generated from the CASB product
- Innovation: continued focus on innovation that keeps CASBs a key player in an enterprise’s security stack
Within the capabilities category, IDC MarketScape looks at the following four areas:
- Offering: product capabilities that satisfy the market’s need for cloud security
- Portfolio benefits: complimentary cloud security offerings such as cloud application discovery
- Total cost: offers multiple pricing options with capex/opex options that meet customer needs
- Competitive position: provides a well differentiated solution that stands apart from competition with an aim to supplant legacy security solutions
IT executive considerations
IDC MarketScape believes that “CSGs are likely to become the key security solution for any organization that is heavily dependent on cloud environments, in particular, public SaaS solutions. Given the mass movement toward solutions like Office 365, salesforce.com, Dropbox, Box.com, and Google Apps, this means almost everyone. The more robust and complex the cloud environment, the more likely a CSG will be required for efficient and effective security management.”
As such, IDC MarketScape offers the following considerations for IT Security executives evaluating various cloud security solutions:
- “Determine the level of complexity expected for cloud security over the next three years. All of these solutions satisfy basic needs for cloud security, but enterprises that expect to have a complex cloud architecture at all layers (SaaS, PaaS, and IaaS) with public and custom apps should lean toward solutions that are dedicated to supporting these new cloud architectures.
- Evaluate your encryption strategy. Whether to incorporate key management and encryption of structured and unstructured data is a “hot button” issue for many solution providers in this space. IDC recommends performing a separate evaluation in this area, however, for those organizations with basic requirements, such as encrypted file transfer, where CSG capabilities may make sense. Solutions vary significantly in their approach in this regard.
- Custom app support may be the differentiator. It is extremely difficult to evaluate support for custom applications among these CSGs, primarily because it is extremely uncommon. To the extent your organization is committed to custom apps that will require security, you will find a handful of players that have strong capabilities here, but will need to decide for yourself which one specifically fits the bill.”
To view IDC MarketScape report, download a copy of the report here.