This content is part of the Essential Guide: Combat the latest cloud security challenges and risks

Cloud access security brokers fill critical enterprise void

Enterprises are adding cloud access security brokers to their tool chain to protect data as it moves between on-premises and cloud provider platforms.

As security tops management concerns in 2016, cloud access security brokers are gaining attention from enterprises. Data security is paramount when enterprises move data center systems from their own premises to the cloud, and cloud access security brokers act as "gatekeepers" to protect their network traffic.

Traditionally, enterprises used firewalls to create a boundary between internal and external communications -- but cloud has blurred those lines. As organizations span their applications between their on-premises computing infrastructure and an off-site location, security tools that will protect data as it moves across both environments are in high demand. Cloud access security brokers, or tools that users place between internal systems and cloud service providers, help do this. They also allow enterprises to see who is using cloud services and what data is being stored and transmitted.

Weighing the pros, cons of cloud access security brokers

Cloud access security brokers hold the keys to the kingdom

Cloud access security brokers offer a number of benefits. First, they establish barriers that reduce risk and security threats by tracking the movement of authorized users, internal threats and potential hackers. The systems are also flexible; in addition to identifying potential threats, they provide varying degrees of policy enforcement.

For instance, an organization might use a cloud access security broker to discover that 30% of its employees are designated as system administrators with privileged access -- and such a high percentage could expose them to potential risks. A cloud access security broker also offers retroactive analysis, allowing enterprises to back date system activity and locate the origin of suspicious behavior.

Despite their benefits, cloud access security brokers pose some challenges. For example, to optimize their cloud security strategy, organizations should integrate cloud access security brokers with existing security products. However, the integration process can be time-consuming and difficult. Since cloud access security brokers are relatively new, the application program interfaces to connect to other security products may not be developed, so the customer has to take on that work itself.

Scales are tipping in favor of cloud access security brokers

Another challenge is that the cloud access security broker market changes often via mergers and acquisitions. The process of folding a startup into an established firm requires time, money and patience. Sometimes, the melding does not go well because of issues, like corporate culture conflicts, so customers become saddled with dead-end products.

What's to come in the cloud access security broker market

While cloud access security brokers are still new, they are poised for growth. In 2015, fewer than 5% of large businesses had installed them, but 85% of these firms will do so by 2020, according to analyst firm Gartner. The predicted growth is attracting various startups, including Bitglass, CloudLock, Elastica, ManagedMethods, Netskope, Palerra and Skyhigh Networks. Additionally, established vendors have entered the market through acquisition, such as Microsoft, which acquired Adallom, and Palo Alto Networks, which acquired CirroSecure.

Next Steps

Protect your cloud with this essential security guide

Build an identity-based security strategy for cloud

Share the responsibility for cloud security

Dig Deeper on Cloud security tools