This post has been updated for 2019.
The widespread popularity of cloud computing has given rise to cloud security platforms and providers known as Security-as-a-service, or SECaaS.
Security-as-a-service providers usually function the same way as software-as-a-service (SaaS) providers: they charge a monthly subscription fee to reduce cost burden for outsourced services. But instead of providing access to a tool or platform, they provide protection for your apps, data, and operations that run in the cloud.
As more and more companies are discovering, this service is highly valuable, if not mission-critical. Here’s why:
Many organizations plunged headfirst into cloud computing without adequate knowledge and resources for provisioning their own security. They trusted vendors to take care of everything behind the scenes, but failed to consider the implications of an entire cloud infrastructure with a dozen or more applications sharing data and credentials.
What does it mean to protect corporate data and systems when all of your applications, storage, and infrastructure are running on remote servers, hosted via the web? How relevant are firewalls and traditional endpoint protection?
In this brave new world, the perils are many:
- Data loss
- Regulatory compliance violations
- Compromised credentials
- Hacked APIs
- Advanced persistent threats (APTs)
- Hijacked accounts or traffic
- DoS and DDoS attacks (denial of service; distributed denial of service)
The right SECaaS provider can help you overcome these and other vulnerabilities without exhausting your own IT resources, and without paying an exorbitant sum for a server-based solution. Most will integrate their services with your existing infrastructure, and some can even work in hybrid environments if you use a mix of cloud and on-premise resources.
If you’re shopping for SECaaS for the first time, it can be difficult to decide which provider is best suited to your needs. There are many different types of SECaaS providers with different specialties, features, and price points. In this article, we’ll divide the market into five major categories and highlight a top vendor for each.
1. Cloud access security brokerage
Cloud access security brokerages (CASBs) are the “integrated suites” of the SECaaS world. CASB vendors typically provide a range of services designed to help your company protect cloud infrasructure and data in whatever form it takes. According to McAfee, CASBs “are on-premises or cloud-hosted software that sit between cloud service consumers and cloud service providers to enforce security, compliance, and governance policies for cloud applications.” These tools monitor and act as security for all of a company’s cloud applications.
Top vendor: Oracle Cloud Access Security Broker (CASB)
Oracle acquired the company Palerra in 2016, extending its Identity Cloud Service into a fully-featured CASB. This product was the first on the market to automate the entire security lifecycle, from preventative measures to detection and remediation.
The CASB solution covers cloud security, user behavior analytics, and shadow IT discovery. The Oracle Security and Identity Cloud also offers a web application firewall, identity and access management, identity cloud services, and key management.
2. Single sign-on
Single sign-on (SSO) services give users the ability to access all of their enterprise cloud apps with a single set of login credentials. SSO also gives IT and network administrators a better ability to monitor access and accounts. Some of the larger SaaS vendors already provide SSO capabilities for products within their suite, but chances are, you don’t just use applications from one vendor, which is where a third-party SSO provider would come in handy.
Top vendor: Okta
As a vendor, Okta focuses on the identity and access management (IAM) aspect of cloud security. Part of their mission is to “grant people access to applications on any device at any time, while still enforcing strong security protections.”
Okta’s single sign-on solution uses Security Assertion Markup Language 2.0 (SAML), Secure Web Authentication (SWA), or OpenID Connect to validate log-in credentials and let users securely access any application with a single username and password. Okta provides strong central administrative features, so IT managers can set custom policies and report on usage, as needed. They also offer one of the broadest integration networks in the industry, so you can add SSO capabilities to about every application imaginable—whether cloud or desktop.
3. Email security
It may not be the first application that comes to mind when you think about outsourcing security, but a massive amount of data travels in and out of your business through cloud-based email servers. SECaaS providers that focus on email security can protect you from the menagerie of threats and risks that are an intrinsic part of email like malvertising, targeted attacks, phishing, and data breaches. Some email security tools are part of a larger platform, while other vendors offer it as a standalone solution.
Top provider: Proofpoint
Proofpoint is one of the top cloud security providers that focuses on email. Their solution is designed to secure and control outbound and inbound email threats in any kind of environment, from small businesses running on Gmail, to complex, hybrid Sharepoint environments at large enterprises. They use signature-based detection to protect your company against known and emerging threats from any kind of IP address.
Like other solutions in this article, Proofpoint provides some pretty useful tools for administrators, like their 60+ out-of-box reports and custom policy creation at the group, user, and global level. Other features include: graymail management, mobile defense, data loss prevention (DLP), encryption, and social media security.
4. Website and app Security
Beyond protecting your data and infrastructure when using cloud-based applications, you also need to protect the apps and digital properties that you own and manage—like your website. This is another area where traditional endpoint and firewall protection will still leave you vulnerable to attacks, hacks, and breaches. Tools and services in this category are usually designed to expose and seal vulnerabilities in your external-facing websites, web applications, or internal portals and intranets.
Top provider: White Hat Security
White Hat Security has been around a lot longer than many of its competitors, so they have a considerable amount of experience identifying and remediating web and application threats. Their products use dynamic and static application security testing to make sure your websites and source code stay secure. White Hat also offers a solution for web application security, which applies the same analytics and testing capabilities to any mobile apps your organization deploys.
Regardless of which White Hat solution you implement, you’ll gain access to a dedicated team of engineers at the White Hat Threat Research Center who can provide guidance on any issues that are beyond the expertise of your own team and issues where business context makes identifying threats difficult. White Hat has an impressive list of current and past clients, including the likes of Dell, NetApp, and Akamai.
5. Network security
Cloud-based network security applications help your business monitor traffic moving in and out of your servers and stop threats before they materialize. You may already use a hardware-based firewall, but with a limitless variety of threats spread across the internet today, it’s a good idea to have multiple layers of security. Network security as a service, of course, means the vendor would deliver threat detection and intrusion prevention through the cloud.
Top provider: Qualys
With over 8,800 customers in 100 countries, Qualys is one of the most popular providers in this category. Their platform is an integrated suite of security and compliance solutions that was built in the cloud and delivers all of its service through either multi-tenant or private cloud. Functional areas include continuous network monitoring (through sensor appliances and lightweight agents), vulnerability management, compliance management, web scanning, web application firewall, malware detection, and secure website testing.
Qualys network security tools monitor your assets (servers, computers, devices) and continuously discover them, identifying new vulnerabilities and helping you patch them immediately. You can also track devices in your local office or remote cloud environments and receive alerts about suspicious activity. The visual reports and dashboards let network admins keep a close eye on all assets, hosts, scans, and patches applied. Current and past Qualys clients include Cisco, GE, Microsoft, and Deloitte.
* * *
The scale of your IT environment and the applications you currently use will likely have the biggest impact on what solution you choose. Although these five are certainly some of the most popular security-as-a-service providers, they are by no means your only options. To browse other security solutions and get a custom recommendation for your business, head over to our Product Selection Tool.