The widespread popularity of cloud computing has given rise to a new generation of security platforms and providers known as Security-as-a-service, or SECaaS.
Security-as-a-service providers usually function the same way as a SaaS providers: they charge a monthly subscription fee to reduce cost burden for outsourced services. But instead of providing access to a tool or platform, they provide protection for your apps, data, and operations that run in the cloud.
The SECaaS market is already worth more than $3 billion and expected to surpass $8 million by 2020, according to MarketsandMarkets. As more and more companies are discovering, this service is highly valuable, if not mission-critical. Here’s why:
Many organizations plunged headfirst into cloud computing without adequate knowledge and resources for provisioning their own security. They trusted vendors to take care of everything behind the scenes, but failed to consider the implications of an entire cloud infrastructure with a dozen or more applications sharing data and credentials.
What does it mean to protect corporate data and systems when all of your applications, storage, and infrastructure are running on remote servers, hosted via the web? How relevant are firewalls and traditional endpoint protection?
In this brave new world, the perils are many:
- Data loss
- Regulatory compliance violations
- Compromised credentials
- Hacked APIs
- Advanced persistent threats (APTs)
- Hijacked accounts or traffic
- DoS and DDoS attacks (denial of service; distributed denial of service)
The right SECaaS provider can help you overcome these and other vulnerabilities without exhausting your own IT resources, and without paying an exorbitant sum for a server-based solution. Most will integrate their services with your existing infrastructure, and some can even work in hybrid environments if you use a mix of cloud and on-premise resources.
If you’re shopping for SECaaS for the first time, it can be difficult to decide which provider is best suited to your needs. There are many different types of SECaaS providers with different specialties, features, and price points. In this article, we’ll divide the market into five major categories and highlight a top vendor for each.
1. Cloud Access Security Brokerage
Cloud access security brokerages (CASBs) are the “integrated suites” of the SECaaS world. CASB vendors typically provide a range of services designed to help your company protect cloud infrasructure and data in whatever form it takes. According to Gartner, CASBs are “security policy enforcement points placed between cloud service consumers and cloud service providers to combine and interject enterprise security policies as the cloud-based resources are accessed.”
Top Vendor: Palerra
Although a younger company (founded in 2013), Palerra has already established their reputation attracted tens of millions of dollars in funding from several A-list investors. Their product was the first on the market to automate the entire security lifecycle, from preventative measures to detection and remediation.
Their cloud security automation platform, LORIC, covers threat detection, predictive analytics, configuration management, and incident response. LORIC already integrates with a wide variety of cloud services, including Amazon Web Services, Salesforce, Google Apps, Office 365/Sharepoint, Box, GitHub, ServiceNow, Rackspace, and Discovery. Click here to learn more about pricing and features or get a free demo.
2. Single Sign-On
Single sign-on (SSO) services give users the ability to access all of their enterprise cloud apps with a single set of login credentials. SSO also gives IT and network administrators a better ability to monitor access and accounts. Some of the larger SaaS vendors already provide SSO capabilities for products within their suite, but chances are, you don’t just use applications from one vendor . . . which is where a third-party SSO provider would come in handy.
Top Vendor: Okta
As a vendor, Okta focuses on the identity and access management (IAM) aspect of cloud security. Part of their mission is to “grant people access to applications on any device at any time, while still enforcing strong security protections.”
Okta’s single sign-on solution uses Security Assertion Markup Language (SAML) to validate log-in credentials and let users securely access any application with a single username and password. For apps that don’t use SAML, users will just need to enter their credentials through the Okta homepage for secure, encrypted web access. Okta provides strong central administrative features, so IT managers can set custom policies and report on usage, as needed. They also offer one of the broadest integration networks in the industry, so you can add SSO capabilities to about every application imaginable — whether cloud or desktop.
3. Email Security
It may not be the first application that comes to mind when you think about outsourcing security, but a massive amount of data travels in and out of your business through cloud-based email servers. SECaaS providers that focus on email security can protect you from the menagerie of threats and risks that are an intrinsic part of email: malvertising, targeted attacks, phishing, data breaches, etc. Some email security tools are part of a larger platform, while other vendors offer it as a standalone solution.
Top Provider: Proofpoint
Proofpoint is one of the top cloud security providers that focuses on email. Their solution is designed to secure and control outbound and inbound email threats in any kind of environment, from small businesses running on Gmail, to complex, hybrid Sharepoint environments at large enterprises. As part of their service level agreement, Proofpoint guarantees 99.999 percent blocked spam and 100 percent virus protection. They use signature-based detection to protect your company against known and emerging threats from any kind of IP address.
Like other solutions in this article, Proofpoint provides some pretty useful tools for administrators, like their 60+ out-of-box reports and custom policy creation at the group, user, and global level. Other features include: graymail management, mobile defense, data loss prevention (DLP), encryption, and social media security.
4. Website and App Security
Beyond protecting your data and infrastructure when using cloud-based applications, you also need to protect the apps and digital properties that you own and manage — i.e. your website. This is another area where traditional endpoint and firewall protection will still leave you vulnerable to attacks, hacks, and breaches. Tools and services in this category are usually designed to expose and seal vulnerabilities in your external-facing websites and web applications, or even internal portals/intranets.
Top Provider: White Hat Security
White Hat Security has been around a lot longer than many of its competitors, so they have a considerable amount of experience identifying and remediating web and application threats. Their current products use dynamic and static application security testing to make sure your websites and source code stay secure. White Hat also offers a solution for mobile application security, which applies the same analytics and testing capabilities to any mobile apps your organization deploys.
Regardless of which White Hat solutions you implement, you’ll gain access to a dedicated team of engineers at the “Threat Research Center” who can provide guidance on any issues that are beyond the expertise of your own team. White Hat has an impressive list of current and past clients, including the likes of Dell, NetApp, and Akamai.
5. Network Security
Cloud-based network security applications are designed to help your business monitor traffic moving in and out of your servers and stop threats before they materialize. You may already use a hardware-based firewall, but with a limitless variety of threats spread across the internet today, it’s a good idea to have multiple layers of security. Network security as a service, of course, means the vendor would deliver threat detection and intrusion prevention through the cloud.
Top Provider: Qualys
With over 8,800 customers in 100 countries, Qualys is one of the most popular providers in this category. Their platform is an integrated suit of security and compliance solutions that was built in the cloud and delivers all of its service through either multi-tenant or private cloud. Functional areas include continuous network monitoring (through sensor appliances and lightweight agents), vulnerability management, compliance management, web scanning, web application firewall, malware detection, and secure website testing.
Qualys network security tools monitor your assets (servers, computers, devices) and continuously discover them, identifying new vulnerabilities and helping you patch them immediately. You can also track devices in your local office or remote cloud environments and receive alerts about suspicious activity. The visual reports and dashboards let network admins keep a close eye on all of their assets, hosts, scans, and patches applied. Current and past Qualys clients include Cisco, GE, Microsoft, and Deloitte.
* * *
The scale of your IT environment and the applications you currently use will likely have the biggest impact on what solution you choose. Although these five are certainly some of the most popular security-as-a-service providers, they are by no means your only options. To browse other security solutions and get a custom recommendation for your business, head over to our Product Selection Tool.