rvlsoft - Fotolia
How should security leaders decide what cloud security providers to use?
Advancements in cloud security occur so rapidly today that even cloud security providers (CSPs) have difficulties keeping up. A CSP is any vendor that offers a cloud service used to secure an enterprise's usage of cloud services. This can also include cloud access security brokers (CASBs) and other types of services.
Many cloud services provide security functionality for enterprises. Some enterprises may include multifactor authentication, SIEM, antiphishing or IT governance, risk and compliance from the cloud in their information security programs. These can also be used to secure an enterprise's cloud services.
Some cloud security providers can identify cloud services in use at an enterprise. They also securely configure and monitor the service -- depending on the specific cloud service used.
The CSP's functionality varies based on the specific cloud services it supports. Some can check the security-related configurations for one cloud service. Others may only monitor the service with more functionality focused on development.
As cloud services increase their internal security functionality and integrations, cloud security providers should incorporate these new capabilities into their services.
Security companies and cloud security providers acquire startups to expand the functionality of their existing tools. This trend is part of the long-running best of breed vs. suite of services debate where enterprises need to decide what kind of tools or services to use. Refer to the Gartner 2018 CASB Magic Quadrant report and Forrester's 2019 report on cloud security gateways to identify which of the top cloud security providers is the best fit at your enterprise.
To choose the best CSP for an organization, security leadership needs to be smart. Consider the security capabilities included or available for cloud services or management tools. Identify the enterprise's specific needs to safeguard cloud services.
Dig Deeper on Evaluating Cloud Computing Providers
Related Q&A from Nick Lewis
Enterprises new to the cloud can write new security policies from scratch, but others with broad cloud usage may need an update. Consider these ... Continue Reading
Cloud security certifications serve to bolster security professionals' resumes and boost value to employers. Learn about the top certifications ... Continue Reading
Enterprises have many options for email security best practices, ranging from deploying email security protocols to educating end users on the ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.