Market Guide for Cloud Access Security Brokers 22 October 2015 G00274053 Analyst(s): Craig Lawson | Neil MacDonald | Brian Lowans More Like This This is part of an in-depth collection of research. See the collection: Cloud Security and Emerging Technology Security Summary The cloud access security broker market is rapidly evolving, with vendors providing a wide range of security features and multiple delivery options. CASB is a required security platform for organizations using cloud services, and security leaders should use this research to shortlist CASB providers. Overview Key Findings The cloud access security broker market has evolved rapidly since its gestation period in 2012, and it has rapidly become a necessary cloud security control technology, regardless of the industry vertical, for organizations adopting multiple cloud services. CASBs primarily address back-office applications delivered as SaaS (e.g., CRM, ERP, HR, productivity and service desks). Applications focused on specific industry sectors, such as healthcare and general cloud services (e.g., business intelligence), are not well-covered. SaaS dominates CASB coverage, and infrastructure as a service support is improving; however, platform as a service coverage is limited. SaaS and IaaS are the main areas seeing service support and feature improvements. Enterprise business units are acquiring cloud services directly without involving the IT organization. This is fueling growth in cloud service adoption. The wide adoption of identity as a service and identity and access management into the cloud, meaning a single identity store, has reduced the friction in adopting CASBs and cloud services. Providers in this market are mainly fueled by venture capital funding; therefore, the number of providers will consolidate at approximately seven or fewer stand-alone vendors by 2018. Recommendations
Security leaders should deploy CASB for the centralized control of multiple services that would otherwise require individual management. Security leaders should use Gartner's four pillars of CASB definition as a guide for selecting the providers that best address cloud service security use cases. Security leaders should be cautious when entering into long-term contracts. Build in flexibility, because you may need more than one CASB or you may need to transition from your current provider to one delivering a complete set of your use cases during the next two years. Contents Market Definition Enterprise Integration Cross-Over Technologies in CASB DLP and DCAP Security Analytics and UEBA Encryption and Tokenization Market Direction Market Analysis Representative Vendors Bitglass Blue Coat Systems (Perspecsys) CensorNet CipherCloud CloudLock Elastica FireLayers Imperva Microsoft (Adallom) Netskope
Palerra Palo Alto Networks Skyhigh Networks Vaultive Market Recommendations Gartner Recommended Reading Tables Table 1. CASB Will Evolve to Cover SaaS, PaaS and IaaS Strategic Planning Assumptions Through 2020, 95% of cloud security failures will be the customer's fault.
- Spring '16
- Cloud services, CASB