Product complexity and a lack of in-house skills mean many organizations are failing to fully realize the benefits of their cloud access security broker (CASB) solutions, according to the Cloud Security Alliance (CSA).
The industry body polled over 200 IT and security professionals to better understand their challenges surrounding CASBs, which help organizations extend their security policies to the cloud.
It found that while 90% of organizations now use the software, half (50%) don’t have sufficient staff to make the most of them.
Over a third (34%) claimed that product complexity is also preventing them from realizing the solution’s full potential. In fact, over 30% admitted they have to use multiple CASB products to fulfil their security requirements.
Over half said they use CASBs to monitor user behavior (55%) and to provide insight into unauthorized access (53%). However, fewer than two-fifths (38%) use the tools for regulatory compliance and even fewer (22%) for internal compliance.
The solutions can help to bolster security and compliance by, for example, encrypting data using a company’s own keys before it reaches a SaaS provider. Identity and access management (IAM) is another popular feature, enabling IT managers to control how users log into apps and what corporate information they can view.
“CASB solutions have been underutilized on all the pillars but in particular on the compliance, data security, and threat protection capabilities within the service,” said Hillary Baron, lead author of the report and CSA research analyst.
“It’s clear that training and knowledge of how to use the products need to be made a priority if CASBs are to become effective as a service or solution.”
Back in 2018, it was predicted that 83% of enterprise workloads will be in the cloud by 2020. Yet cybersecurity concerns still remain a number one barrier to cloud adoption, according to many studies.