Cloud Access Security Brokers (CASBs) have only been around for a few short years, yet have gone through rapid evolution throughout that time. There have been several distinct phases of CASBadoption in the last three years, with yet another phase beginning as we start 2018. Let's take a closer look at the evolution of CASB and how the market will change in 2018.
- 2015 - Cloud is Bad
Early use cases for Cloud Access Security Brokers assumed that cloud was a bad thing - to be avoided at all costs. As a result, it should come as no surprise that first generation CASBs came to market with a visibility tool that helped organizations identify the "bad" and keep it out. Shadow IT Discovery, as it came to be known, was adopted rapidly, but provided visibility without control, minimizing its usefulness.
- 2016 - Early CASB Adopters
By 2016, early adopter organizations began to realize that cloud applications can actually be more secure than their premises counterparts, but typically need a data & threat protection boost by third party security solutions, namely CASBs. At the same time, Microsoft began pushing Office 365 aggressively into the enterprise. In 2016, CASB adopters were typically large organizations, in regulated and security conscious industries (Healthcare, Financial Services, Pharmaceuticals & Life Sciences, etc), adopting a handful of well-known cloud applications like Office 365, Salesforce and Box.
- 2017 - CASB Hits the Mainstream
In 2017, cloud adoption hit full tilt, arriving in every industry in a big way. While the specific CASB feature sets varied from one industry to the next, security & compliance remained top of mind, with planned CASB projects in a large cross section of enterprises. The mainstream began where the early adopters started - securing large cloud applications like Office 365 and G Suite.
At the same time, usage patterns in the early adopter organizations began to change. With major apps protected, and an increasing comfort level with public cloud, CASB usage began to spread to more applications in these enterprises - lesser known SaaS applications, custom applications moving to public cloud IaaS platforms, and more.
- 2018 - More Apps, More Risks
In 2018, public cloud has become the de facto platform for new application purchase and for migration of internal apps. Mainstream adopters have secured their first cloud applications with CASB and have begun to look at the platforms for a broader set of applications. New applications take the form of both managed/controlled and unmanaged/Shadow IT applications. Both categories of applications evolve and change constantly. New applications of both types make their way into the enterprise on a daily basis. New threats target these applications, many of which have little in the way of data or threat protection.
While this new evolution means huge opportunity for the enterprise, it also brings with it significant cause for concern. That's why we've spent so much effort evolving the Bitglass Next-Gen CASBplatform with Zero-day Core technologies. It's the only CASB on the market that dynamically adapts to the evolving enterprise cloud footprint -- future proof for 2018 and beyond.